Security threats present real risks to the health and survival of small companies. Targeted attacks on small businesses accounted for 30% of all attacks in 2013, according to the 2014 Symantec Internet Security Threat Report. Part of the reason small businesses are a focus for attacks is that many lack the secure infrastructure that larger companies often have in place.
However, just because your company is small doesn’t mean it can’t have a secure technology infrastructure. In fact, putting a secure technology infrastructure in place is well within reach of small companies. Use these considerations to guide your planning.
Establish a solid technology foundation for the computers, mobile devices, servers, routers and other hardware you rely on to run your company. A firewall is the most basic form of protection and should be established between your company hardware and any access to the Internet.
Security software can detect and deter viruses, malware, spyware and other threats to your company’s technology. Having security software is critical given the prevalence of threats and the damage they can inflict.
As you assess security software, consider business-grade, as opposed to consumer-grade, protection. This level of protection may provide the most updates and security patches that will continually safeguard you against evolving threats. Business software may also offer protection for multiple devices, ensuring that your software protection extends across your whole company.
If you engage in e-commerce or gather customer data via your website for any reason, consider a Secure Socket Layer (SSL) certificate. A SSL certificate encrypts information that travels between websites and visitors and ensures that third parties cannot access it. A SSL is pretty much essential if you gather customer information such as credit card numbers, usernames, passwords, contact information or other personal data. Having it in place communicates to potential customers that you will protect the information they share with you.
Mobile devices can increase your company’s likelihood of experiencing a security issue and should be safeguarded as part of establishing a secure foundation for your company. The out-and-about nature of mobile devices puts them at greater risk for being stolen and accessed without authorization. Other mobile threats include malicious apps and viruses that are an increasingly common way for hackers to gain access to private information.
Some basic safeguards for protecting mobile devices include insisting on strong passwords for all mobile devices used in the course of business and prohibiting the use of public WiFi networks for any company business. You can also protect mobile devices by using security software. Many small businesses are developing Bring Your Own Device (BYOD) policies that outline steps employees should take to keep mobile devices and company information safe.
Your technology is only as secure as the riskiest action of any employee in your company. Consider in-depth security training for new employees and ongoing reminders for your team. By communicating your commitment to security and acknowledging its connection to company success and survival, you will build good employee habits.
While this effort may sound like too much for your company, you can scale it down to a manageable level. For example, a basic security training sheet—including advice for creating a secure password and avoiding high risk downloads—can be created quickly and easily. Likewise, sending quarterly emails that remind employees to be vigilant about threats can reinforce that you are serious about protecting your company infrastructure.
In this world of increasingly frequent technology cyber-attacks, a strong technology infrastructure and effective security policies can help to ensure that you keep your company and customer information secure. With strong security in place, you can focus on the other important tasks involved in running your company.
Print this article