Small businesses are able to take advantage of so much technology that would never have been practical even ten years ago, and do so within more cost effective means. Executives have everything from corporate email to critical business analytics literally at their fingertips with smart phones and tablets. Employees have the ability to work remotely without missing a beat, and customers have access to all their order related information – and it’s accessible with self-service customer support functions 24×7.
But with this flexibility comes risk; with easily accessible software and technology also comes someone willing, and able to exploit that information for their benefit. By not securing your software, technology or infrastructure, you put yourself and your customer’s information at risk. A risk your business may not be able to recover from without significant damage and expense.
These days businesses don’t just have to worry about virus’s or malware exploiting a weakness, but also hackers looking to profit off your vital customer data and proprietary information. While nothing is one hundred percent foolproof, there are many steps any business can take to minimize the risks.
Limit Access to Data
As businesses grow they need to reevaluate who needs access to critical customer and proprietary data. Early in the life of a business, data tends to be more open and access is readily available. This is not to say that it’s an acceptable practice, just the reality of many businesses. By performing an audit of the most critical and sensitive data, companies can determine where access should be restricted, and who should have access. This holds true for electronic data as well as physical hardcopies of information.
Implement a Network Firewall
Today, most every small business has access to the internet from their network – but very few have sufficient security to protect vital data. While your router may contain some level of firewall through your ISP, these typically are not capable of providing significant protection for most businesses. A standalone firewall will enable you to customize and route traffic more efficiently and lock down variables that aren’t capable otherwise. Being able to monitor the network traffic and implement strict rules for packet types, sources and ports, businesses can better protect against attacks.
Maintain Software Updates
It seems like every other day there are various updates available for mobile apps, Java, Windows operating systems and server software. Many small businesses either struggle to maintain all the updates, or fail to even recognize the need to apply these updates. However, the majority of these updates are to provide security fixes and close loop holes and vulnerabilities in addition to new features. This task applies to firewalls and network infrastructure, not just workstations and servers. Be sure to stay on top of these updates and insure they are applied quickly at all levels, form workstations to servers.
With the proliferation of smart phones and tablets also comes the increased number of hackers looking to gain access to personal and corporate information. Users and companies need to be able to protect these devices, while still allowing the flexibility and feature rich capabilities that these devices are known for. Many software developers are releasing encryption software that will allow businesses to encrypt email, data and monitor any unwarranted activity. By utilizing trusted encryption software and developers, businesses can continue to utilize these devices.
Passwords & Account Names
Often time’s hardware and software come with default user names or accounts to allow for an expedient install, however this can leave you wide open for attacks. Hackers will use a brute force attack against a default account or default username until they gain access. By changing the default account name and password you can make a brute force attack even harder. In addition many security features offer a lock out option after so many failed attempts, this is another critical way to thwart attackers.