When Manta asked more than 1400 small-business owners last year if they felt their business was at risk of a data breach, an overwhelming 87 per cent said no.
This is alarming because it couldn’t be further from the truth.
According to the Verizon Data Breach Investigation Report, 61 per cent of breaches involved small businesses in 2016, up from 53 per cent in 2015. And the future for small businesses that are breached is dire: it has often been estimated that more than half go out of business within six months.
Hackers target small businesses because cybersecurity defences tend to be weaker than those of large corporations, and small companies are often used as the gateway to gain access to larger organisations.
These cybersecurity threats are among the most overlooked by small businesses. Luckily, they’re also some of the simplest and most affordable to address.
Mobile devices
Mobile devices are responsible for a growing number of data breaches, including some of the largest and most newsworthy. As with office computers, all company-issued mobile devices should have cybersecurity software installed.
It’s also wise to invest in a mobile device management (MDM) product that allows you to manage and control all mobile devices from a central, cloud-based console. MDM provides secure access to business data and applications. It can be used to restrict behaviour and prevent certain apps from being downloaded. If a device is lost or stolen, MDM can be used to remotely wipe confidential business information.
If employees use their personal devices for work, you’ll need an MDM product that allows IT to control data and apps on devices without violating employees’ personal privacy. These products are readily available, and prices start at just a few dollars per month for each device.
Insider threats
A recent IBM survey found that 60 per cent of cyber attacks are caused by insiders. Some three-quarters of those are malicious attacks, while the rest are accidents such as clicking on a phishing link or emailing sensitive data to the wrong person.
Employee monitoring software is a valuable tool for preventing, detecting and intercepting any employee behavior that puts your company at risk. Tracking tools allow you to create rules for how data and information can be used, and they alert you when policies are being violated so you can stop the behavior.
There are free versions with very limited capabilities all the way up to robust, customisable products that cost up to $50 per user per month. For about $25 per user per month, you can find a highly-secure and customisable product that gets good reviews from computer experts.
Outdated software
WannaCry, the global ransomware attack that dominated headlines in 2017, was caused by a simple error most of us make: failing to update software. If all the affected computers had been patched, the attack could have been prevented.
Software and operating system updates might seem inconvenient when they pop up on your screen, but don’t ignore them. Often, they fix precisely the type of bugs that hackers find and exploit. In fact, a patch for the Microsoft security problem that was exploited by WannaCry was released two months before the attack.
If possible, use software and operating systems that update automatically. You’ll never have to worry about vulnerabilities that a couple clicks could have prevented.
Isaac Kohen, Founder and CEO, Teramind
