Chances are your small business stores a lot of vital information online. Have you taken the right steps to protect this data for you and your customers? Here are some concepts and tools that will help you to protect your small business.
1. Train your employees how to manage basic security. Establish and practice basic security principles and policies for all employees including requiring strong passwords and appropriate Internet use guidelines with penalties for violating your small business’ cyber security policies. Establish rules of behavior that govern how to handle and protect customer information and other vital data.
2. Protect your data, computers and networks from cyber-attacks. The important thing here is to keep machines current with the latest security software, updated versions of your web browser and a contemporary operating system. Keeping current, clean machines is an investment against viruses, malware and other online threats. It’s also important to keep updated antivirus software like Norton or McAfee that runs a scan after each update.
3. Create a plan to manage mobile devices. Mobile devices can be an attractive target for cyber-attacks, especially if they hold confidential information or can access other features or software of your small business. Require your employees to password protect their mobile devices, encrypt their data and install security applications to prevent thieves from stealing data while the phone is connected to public networks. Your small business should also have a plan in place to report any stolen phone or other mobile device as soon as possible.
4. Set up firewall protection for you Internet connection. A firewall is a program that keeps outsiders from being able to access data on a private network. Make sure your operating system’s firewall is enabled. Any employees working from home should have equivalent protections on their home computers as well.
5. Secure your Wi-Fi networks. If you have a Wi-Fi network in use at your workplace, make sure it is secure, encrypted and hidden. The network should not broadcast your network’s name or Service Set Identifier (SSID) and the router should be password protected. If you decide to offer free Wi-Fi to customers of your small business, be sure to set it up as a separate network and still password protect it. You can still give out the password to your loyal customers but asking for the password requires them to engage with your employees and encourages them to make a purchase in order to enjoy the privilege.
6. Make backups. Regularly backup the data on all your computers and devices. This may sound like an expensive proposition, but hard drives and cloud technology have made backup technology extremely cheap and reliable in recent years. Critical data includes word processing documents, spreadsheets, databases, financial documents, human resources files and all accounting documentation. Backups should be automatic, performed daily or weekly, and ideally stored offsite or in the cloud.
7. Control access to your computers and create unique user accounts for your employees. This practice prevents the access of business computers by unauthorized persons. Laptops can be a particularly attractive target for theft, so lock them up when they are not being used. Be sure a unique user account is created for each employee with appropriate levels of access. Administrative privileges should only be administered to trusted IT staff or contractors and key personnel or leadership employees.
8. Use best practices with payment cards and systems. Work with your accountant or bank to ensure the most trusted and validated tools and anti-fraud services have been implemented and are accessible to your small business. Note that you may have additional security obligations required by your bank or payment processor, so do your due diligence before beginning to process customer payments. Ideally, payment systems should be dedicated machines that don’t serve other functions in your small business.Data Security Best Practices for Your Small Business