Of the 855 data breaches Verizon examined in its 2012 Data Breach Investigations Study, 71 percent occurred at businesses with fewer than 100 employees. The Association of Certified Fraud Examiner finds the median small business loss due to fraud to be $200,000. These losses can be prevented with better protection and more knowledge about fraud and cybercrime. With small business cyberattacks on the rise, knowing how to protect your business assets is more important than ever. Start with these tips.
Training Employees to Stay Safe
Familiarizing yourself and your employees with different types of cybercrime helps everyone do their part in monitoring security threats. During the average day, your employee may be at risk in the following situations:
- Traveling to and from work, due to theft of personal devices or documents containing sensitive information
- Traveling for business, due to theft of personal devices or documents containing sensitive information
- Checking work email at a cafe or restaurant, if a hacker accesses sensitive information
- Buying business lunch with the office credit card, if a hacker skims the card number
- Checking work email, if the employee falls prey to a phishing attempt
- Working from home on an unsecured wireless network
Unfortunately, these are just a few of the daily situations that put the average worker at risk of cybercrime and identity theft. Offer staff a list of online resources. For example, Lifelock offers identity protection tips and information about the dangers of phishing, skimming and other criminal strategies. Staff can familiarize themselves with ways to protect personal and professional data. Should staff then sign up for Lifelock’s identity theft protection services they can earn free rewards miles from AA.
Keeping the Workplace Secure
By teaching your employees about cybercrime, you enable them to alert you to any suspicious emails or internet activity. Additionally, take the following precautions, with help from the Small Business Administration, to minimize your risk:
- Secure the workplace’s wireless and IT infrastructure using firewalls, anti-virus software and malware/spyware detection
- Use a business credit card for all business transactions, and keep completely separate business and personal bank accounts and credit cards. This way, a hacker who obtains your business bank account information will not be able to seize your personal assets.
- Familiarize yourself with business bank account and credit card policies regarding fraud, so you know what protections you enjoy if your business is attacked.
- Limit financial transactions to one computer – Keep a separate computer for financial transactions, and do not use this computer for email checking, social media or other online activity.
- Promote “best practice” computing security, including password strength.
- Purchase business insurance so that if you do experience fraud, your business assets are protected.
- Set a policy regarding security of employee personal devices if you allow staff to use personal devices (BYOD) in the workplace.
Tools to Use
- Cloud backup utility – In the event of a data breach, a secured cloud backup such as Dropbox can help you get back on your feet.
- Antivirus, malware and spyware – Sophos offers free mobile, Mac and PC antivirus software, so there’s no excuse to not secure your technology.
- Spam/phishing email filter – Not only will this cut down on junk mail, making employees more productive, it can also screen out phony emails.