While it’s usually the big-name organizations that make the news when they get hit with a cyberattack, Verizon’s 2018 Data Breach Investigation Report found that 58 percent of data breaches target smaller businesses. If you run a small business, it’s important to consider what could happen if your customer, transactional and operational data is breached – and take the necessary steps to prevent this from happening.
Here are five security tips that could help you protect your small business.
1. Recognize and avoid falling victim to phishing. Oftentimes, a malicious email can be a hacker’s entry point into an organization. And gone are the days of poorly spelled scams that are easy to spot. You must train your staff to be cautious, and to avoid opening unknown attachments, clicking on suspicious links or responding to random requests for information – i.e. someone asking for all your employees’ T4 slips – even if they appear to be a senior executive. (In that case, it’s best to give that person a call first, to confirm the request is really coming from them.)
2. Avoid reusing or creating easy-to-guess passwords. If someone is trying to break into your network, it’s likely that the first password they try will be “password,” followed by “admin,” “123456” and other commonly used, easy-to-guess passwords, which are sometimes assigned to a router by default. To protect your network, you will want to make your passwords much more difficult to predict. It’s also best to avoid using the same passwords across various websites and applications, whether personal or for business. If an attacker manages to crack your password on one app, you can bet they will try entering it everywhere else.
3. Update out-of-date systems. End of support dates for popular Windows applications like Windows 7 and Office 2010 are looming – and the EOS date for SQL Server 2008 has already passed. If you are running machines on outdated software, they are no longer receiving bug fixes, security updates or technical support – making them much more vulnerable to attack.
4. ABP – Always be patching! WannaCry, one of the most notorious ransomware attacks of recent years, first started spreading in May 2017. But two months earlier, Microsoft detected the vulnerability, and issued a patch for it, which would have prevented WannaCry from spreading. And yet, a May 2019 report suggests that 145,000 unpatched devices still remain vulnerable to a WannaCry attack. While updating an essential device in the manufacturing, healthcare or retail industry might cause some disruption to the business, that downtime would most likely pale in comparison to the disruption, not to mention loss of revenue, caused by a ransomware attack. With that in mind, it’s best to apply security patches as soon as they become available.
5. Use a mobile device management (MDM) solution to secure every endpoint. More and more businesses are moving toward a bring-your-own-device (BYOD) policy, and this is especially true of small businesses, where some employees might even use their own personal laptops at work. That’s why it’s important to password-protect every phone, tablet and laptop that’s used for business – and to deploy a mobile device management solution that allows you to remotely lock, wipe or reset a lost or stolen device. If you are running on Windows, this MDM technology comes built in with Microsoft Office 365.
How to secure your systems with HP technology
With cyberattacks happening every 40 seconds, every decision you make for your business is a security decision. HP’s print and PC security solutions integrate protections into everything they create – so you can stay a step ahead of the threats and keep your devices, data and identity safe. Learn more about HP’s built-in security features.