As a small business owner, you might think computer hackers aren’t that interested in going after you. After all, aren’t large companies like Target, Home Depot and others more worth the hackers’ time?
Surprisingly, no. According to Symantec’s 2016 Internet Security Threat Report, 43 percent of all cyber attacks affect small businesses, and small businesses have a 1 in 40 chance of being affected. If you’re hit, it can mean hackers can steal credit card information from your customers or access your customers’ private account info, making them vulnerable to identity theft, or they can steal money directly from your accounts.
In fact, hackers increasingly see small businesses as ideal targets because they have fewer protections in place than big businesses.
If you’re a small business, knowing how to protect yourself from cyber attacks can seem overwhelming. Here are the most common ways that hackers can access your data, and what you can do about it.
- Phishing Emails — One of the most common ways that hackers get access to your customers’ data is by sending phishing emails. In a phishing scheme, hackers send emails to you or your employees that look like they are from legitimate businesses asking the employees to update their passwords and other personal information on another website, which usually looks almost identical to another real site.To avoid these scams, teach your employees to be suspicious of any emails that ask them to update their account information, especially ones that are written using poor grammar; never send passwords or other account information via email; and make sure to only enter account information on a secure site (which will start with https://).
- Man-in-the-Middle – If your business sends online messages to customers, such as through an instant messaging service, or you if have an online portal where customers can login into an account, you could be susceptible to Man-in-the-Middle cyber attacks. In this type of situation, a hacker poses as both the sender and the receiver of the information. The hacker intercepts the message from the customer, which may include account information or a password, and then the hacker pretends to be the customer and can change account information to send money to themselves. This can happen especially easily if information is being sent over an unencrypted Wi-Fi connection, which is why hackers often like to set up Wi-Fi hotspots with generic names such as “airport” or “coffee shop” that people unwittingly log onto.
- Password Attacks – Hackers can get access to employees’ or customers’ passwords in three ways: Brute Force attacks, in which hackers use a computer script to guess passwords, usually starting with the easiest ones first; Dictionary attacks, where they use a computer script to search common words; or Key Logger attacks, where a user downloads a malicious software program that tracks all of their keystrokes.To prevent the first two kinds of password breaches, encourage employees and customers to use more complicated passwords that are harder to guess and to avoid using the same passwords they use on other sites. You can also install two-step authentication software, where someone has to type in their password as well as a separate code that is sent to them on their mobile phone or email that they have to input in order to access the system.
Now that you know about the risks, here are eight easy things you can do to make your office environment more secure.
Best Ways to Protect Your Business From Cyber Attacks
- Install malware protection software on all devices
- Install a two-step authentication software for any sensitive information
- Don’t use a shared password among multiple employees
- Never conduct important business over a public, unencrypted Wi-Fi network
- Make sure your Wi-Fi router at the office is encrypted and secure
- Make sure employees use strong passwords
- Make employees change their passwords at least every three months
- Keep your software up to date
If you rely on online banking to manage your business, fear not. Online banking can still be very secure, as long as you follow some of the basic tips we’ve shared above. Be sure to avoid checking your online banking account over an unencrypted WiFi connection, don’t share your online banking password with others, and never any suspicious emails or ones asking you to update your bank password. With a little common sense, online banking can be fast, easy and most importantly, safe.