Good Simply Isn’t Enough
Blog / Good Simply Isn’t Enough
With the increase in cyberattacks in 2020, basic cybersecurity measures for small businesses aren’t good enough. Implement these strategies to protect your business.
The Hidden Costs of Poor Cybersecurity Measures for Small Businesses
Cybersecurity measures for small businesses is a major topic as we head into 2021.
It comes as no surprise, given the pandemic, the increasing number of attacks, and various high-profile companies making the news.
Zoom came to the forefront of cybersecurity issues when it became known that they didn’t provide end-to-end encryption of customer’s communication. The company reached a settlement with the US Federal Trade Commission for misrepresenting its security features.
There were also several other high profile companies hacked during the year. For example, Twitter accounts were hacked through Twitter’s own company Slack account.
Now, if these major companies are susceptible to such big breaches, where does that leave you?
Prioritising cybersecurity for your small business is a must
Cybersecurity cannot be an afterthought; cybersecurity measures in today’s digital climate must be at the forefront of everyone’s minds.
With the pandemic having forced many businesses to operate remotely, and many individuals now working on personal devices, the threats have skyrocketed in the interim.
Companies are reporting more attempts at delivering malicious code to their systems. Fundamentally, most attackers are opportunists. They take advantage of vulnerabilities and are not averse to going after the big guys and the low-hanging fruits. There are multiple phishing scams, watering hole attacks, and various cyberattacks using legitimate sources with backdoors to their products or services - for example the SolarWinds attack was only one vector into a much larger attack via commonly used corporate tools.
As a small business, you can provide hackers with access to data and money. So, if your security systems are at the more basic end with lower-than-average defences, you’re placing your business at risk. Certainly in the current climate everyone is a target, but if it is easier to target you instead of the business next door…
So, now that the mad scramble has died down and we need to facilitate on-going remote working capabilities alongside in-office activities, it’s time to assess your security protocols to move away from the bare minimum.
Developing a new cybersecurity standard for your business
Bringing your security suite up to an acceptable standard means engaging cyber security experts who can assess your status with a view to implementing safeguards for now and the future.
It pays to look at endpoint protection combined with detection and response capabilities. As such, you may need to look beyond just traditional antivirus solutions to more robust endpoint protection software.
Best Practices to Adopt
As you look to improve your security measures, you need to implement systems to keep your cloud-based data, applications, and infrastructure secure. More than likely, you’ve started accessing more cloud-based services, especially to facilitate remote access. Choose cloud platforms that offer the highest level of security and make sure you’re using multiple factors of authentication.
The most basic step to protect your network is restricting access to your Wi-Fi with a password. If you offer guests or clients Wi-Fi access, make sure it’s not the same Wi-Fi network as the one for your internal systems, and ideally maintain an ‘air gap’ (ie no electronic connection) between guest and internal systems. And now that your team are working at home so much more, make sure that you educate and insist upon a minimum level of protection in your staff’s home set ups.
Virtual Private Networks (VPNs)
This is especially critical for remote working environments where your staff need to connect to your local network, but you cannot be assured of the security at their remote end. A VPN allows you to secure your company’s data in an encrypted format. So, if the information is intercepted, all the hackers will have is encrypted data.
Updating software is critical to prevent hackers from using outdated apps with known vulnerabilities to access your system. But there is also the possibility for supply chain attacks using these trusted third-party auto-update features. So, in addition to updating your software on a regular basis, ensure you invest in security solutions that can assess, detect, and respond to potential threats.
Limiting the cybersecurity hidden costs
The obvious repercussions of poor cybersecurity measures may be felt in the fines that hit your bottom-line if you’re a private organisation.
But consider your reputational damage, the loss of future business that could occur. How your personal data could be compromised.
So, while basic is good, it’s just not good enough in today’s digital climate. Attackers go after the easy target, so make yourself less attractive by stepping up your security game.
You need better than average security measures, no matter the size of your business.
Fancy reading something else - what takes your fancy?atlassian ciso cloud covid19 crime culture cybersecurity employees insider-threat malware remote-working security semafore