The pandemic raised many challenges for small businesses. While having the ability to work online has revolutionized the way businesses of all sizes operate, it has also increased organizational exposure to fraud and cybercriminals. To help small businesses understand best practices for maintaining cybersecurity as we move forward through the pandemic and beyond, we have put together a list of tips to follow as remote work continues.
Educate your employees
Employees need to be made aware of potential dangers and how they can prevent an attack. Unfortunately, a recent survey we conducted with Angus Reid found that only 10 percent of small businesses noted cybersecurity education and ensuring adherence amid the pandemic was a challenge. While this may seem like a positive, more concerning – and illuminating – statistics come from a separate survey of IT professionals that we conducted: 48 percent of small businesses indicated they provide training on cybersecurity resources, the lowest of any business size. Lack of cybersecurity education is one of the biggest challenges small businesses have faced during the pandemic, as it left many business owners scrambling to assess their current situation and what their needs are to ensure business continuity.
Update your software
Keeping software up to date is an important cybersecurity measure all small businesses should take to prevent a cyberattack from occurring. When software is outdated, it’s at a greater risk of being exposed to cybercriminals. While it can be tempting to continuously click “schedule for later”, allowing software updates to take place is a critical component to ensuring cybersecurity. Our survey found that nearly one quarter (25 percent) of small businesses invested in security software such as antivirus and email over the course of the pandemic. While this initial investment is important, continuing to invest and update the software is just as critical to any organization. It can be challenging to ensure adherence when employees are working remotely, but reminders to update their software when prompted is key to protecting your sensitive data from being hacked.
Change your passwords
All employees should be reminded to only use strong passwords or phrases for everything from email, laptops, smartphones, tablets and internet access points that are tied to any business accounts. We recommend changing passwords every 60 to 90 days as a safe cybersecurity practice. Our survey found that 12 percent of small businesses will take cybersecurity more seriously moving forward. While this is a welcomed step in the right direction, we hope this number grows in the future as organizations become more aware of the evolving threats.
Safeguard your network
When working remotely, it’s important for employees to separate their networks into two connections, one for their personal devices and another for the devices they use for work. We know that nearly two-thirds (62 percent) of small businesses permit BYOD devices, while only 8 percent of IT professionals have concerns regarding the BYOD devices and network security. Most internet providers will let customers create a separate network with the same router at no cost. By creating a separate internet connection and using it solely for work purposes, employees are taking an added precaution to protect business data from being breached.
Another way to protect your network is to enable multi-factor authentication on your network. Our survey found this capability is only being leveraged by 51 percent of respondents to access their network, while only 16 percent are using it every time they log on. As such, implementing multi-factor authentication on your business’ network will not only increase your cybersecurity but will also position you as a leader in the space.
Create an IT policy
Defining and enforcing an IT policy that employees must follow, even if when working remotely, is vital to protecting the sensitive data that is being handled. Think about what devices, software and digital tools your employees use, so you can develop a policy that is tailored to help protect your business resources. When establishing the rules, set guidelines for employees to follow and outline violation penalties to ensure employees take this seriously.
Keep in mind, your IT policy should also be flexible as your business’ needs can change quickly. Our survey found COVID-19 changed planned IT investments for most small businesses (50 percent), with one fifth (22 percent) committing to an increased spend. For this reason, it’s also important to consider cybersecurity during yearly budget planning to be able to remain as flexible as possible.
Continue investing in IT
As business owners look to future-proof their operations, it’s critical that IT investment remains a priority in a post-pandemic world. Our survey found that investments in collaboration platforms (35 percent), endpoint solutions (23 percent) and employee-focused software (22 percent) led the way in the early stages of the pandemic, but 36 precent maintain their opposition to investing in IT looking ahead. COVID-19 has been a case study in preparedness, so continuing to invest in IT solutions that ensure business continuity in any landscape will be critical for the survival of any business in the future.
From dedicated account managers to solution specialists, CDW Canada is here to provide advice and IT support every step of the way for small businesses. Connect with one of our small business experts today by visiting cdw.ca/smallbusiness.