Cybersecurity for Small Businesses

Cyber-Security-blog-img
Success Story / Tips

Cybersecurity for Small Businesses

Your business could be a target for cyber criminals

Knowing and putting these basic cybersecurity principles into practice will help protect your business and reduce the risk of a cyber-attack or security breach.

Protect your files and devices

  • Update your software – set updates to happen automatically
  • Secure your files – back up important files in external hard drives or in the cloud
  • Require passwords – use passwords on all devices including tablets and mobile devices
  • Use multi factor authentication – require multi factor authentication for areas within your network with sensitive data

Beware of ransomware

  • Scam emails – only access links and attachments in emails from a trusted source
  • Infected websites – they can automatically download malicious software to your network via computers with your infrastructure.
  • Online Ads – malicious code could be embedded into ads even on websites that you know and trust

Vendor Security

  • Verify compliance – establish processes to ensure your vendors have a process that is being followed. Do not assume this is the case, verify.
  • Put it in writing – include provisions for security in contracts you have in place with your vendors such as plans for regular assessment of security controls. This should always be binding.
  • Adapt to change – cybersecurity threats are evolving so should the controls that you have in place with your customers.

Email Authentication

  • Sender Policy Framework – implement this email authentication method designed to detect dubious email addresses during the transmitting of emails
  • Domain Keys Identified Mail – a digital signature on outgoing mails will allow servers to verify that emails originated from your company’s domain
  • Domain-based Message Authentication, Reporting & Conformance – this provides a message on your email traffic telling other servers or domains what to do when a message is received from a domain that bears your identifier

Make Security Business As Usual

  • Train all staff – institute a culture of security by implementing a regular schedule of compulsory cybersecurity training
  • Have a plan – to store and retrieve data, business continuity and informing impacted internal stakeholders and customers in case of a breach.
  • Know the response plan – all staff should know what do if there is a breach, including whom to notify and how to reduce the risk
  • Keep your IT security up to date – ensure latest patches and updates are installed. Utilize addition services like email authentication, intrusion prevention and threat monitoring software

Leave your thought here

Your email address will not be published. Required fields are marked *