Make Cyber Security a Priority This Year (Infographic)
We sat down with Mike Blache, Chief Information Security Officer at TaxSlayer, to understand why you should make your company’s cybersecurity a priority and to learn how to protect your business.
Small businesses don’t usually spend as much money on cybersecurity as larger corporations, and cybercriminals are looking for easy access to sensitive information. As regulations begin to mandate that large corporations take greater steps to protect their organizations from cyberattacks, small businesses have become more frequent targets. In fact, 43 percent of cyberattacks target smaller companies.
You may think that because your company doesn’t have a lot of money in the bank, your company is safe from cyberattacks. Cybercriminals, however, still want access to personally identifiable information (PII), like your customers’ info – including credit card numbers and billing addresses – and your employee data – including Social Security Numbers.
A cyberattack won’t just hurt you, but it will also hurt other individuals, like your customers and team members. If you don’t take appropriate measures to protect your company, you can have criminal and civil suits brought against you.
Nine tips for protecting your small business
- Don’t download anything from unknown sources.
- Keep your software and operating systems up to date. Updates often patch holes in the system and provide essential security updates.
- Choose a reliable antivirus software and keep it updated. Antivirus software is not the be-all-end-all, but it will block a large percentage of cyberattacks.
- Set up firewalls. You don’t need anything costly because attackers don’t want to spend more effort than your company is worth.
- Store PII on the cloud. The cloud provider you choose is already spending money to protect their data, so they’ll also be able to protect your data. This will take much of the burden off you, but it’s still your responsibility to do your due diligence to ensure you’re using a reliable cloud provider. Read also: Does Your Business Need the Cloud?
- Take advantage of your service providers’ multi-factor authentication (MFA). MFA makes it more difficult for an attacker to gain access to your accounts. Ideally, MFA should include the following:
- something you know, like a passphrase
- something you have, like an email address or phone number
- something you are, like a fingerprint or facial recognition
- Implement a strong password policy. Consider using 12+ character passphrases instead of passwords. Passphrases are easier for you to remember, but the length makes it difficult for a cybercriminal to crack through brute force.
- Don’t reuse passwords for multiple accounts. If one account is compromised, it will be easy for an attacker to gain access to all your accounts.
- Use a password management program. It can be challenging to remember different passwords for every account you have, so let a password management program remember for you. Password management programs include LastPass, Dashlane, and 1Password.