Cyber threats in today’s digital environment are real, and they are everywhere—even in places Los Angeles small business owners and executives wouldn’t expect. Take printers, for example. Most users think all they need to do is connect their printer to the network, hit command-P, and their documents are safely printed. However, data stored in a printer’s memory can be vulnerable, and unfettered access to the printer is not a best practice. Despite this vulnerability, a survey by the Ponemon Institute and HP found that only 44 percent of companies include printers in their IT security policies.
Small businesses have much to think about when implementing and following IT security best practices. Whereas large companies can usually absorb the financial and reputational damage sustained from a data breach or interruption of service, SMBs might never recover from a serious incident. Besides the printer example, here are several more IT security best practices for small businesses in Los Angeles:
Malware, ransomware, and viruses invade systems and wreak untold havoc on small businesses. The consequences are costly for organizations that might not have a solid strategy for how to prevent such intrusions or react after an IT security incident has occurred. Proactively installing and updating anti-malware and antivirus software, as well as implementing advanced firewalls to keep networks secure, decreases the risk that hackers will penetrate and discombobulate your systems.
Even two-plus decades into the email era, work users still click on questionable links and open dangerous attachments, thus exposing the organization to malicious applications and ransomware. Robust spam filtering is an IT security best practice small businesses should implement. Additionally, simple education for employees on what they should beware of when opening emails goes a long way toward preventing intrusions.
Strong Password Guidelines
Equally as ridiculous in this hyper-digital age is the number of people who still use “password” or “12345” as their passwords. The security measures that are in place to protect your mail and SaaS apps—as well as access into your business’s systems—won’t mean much if the bad guys can get in through the front door simply by guessing “qwerty” or the user’s first name as the password on an account. IT security best practices such as password strength guidelines, frequent required password changes, and even two-factor authentication safeguard your systems from perhaps the most direct cyberattack that hackers attempt.
Proactive BYOD Policies
The bring-your-own-device (BYOD) trend has surged this decade, with no sign of slowing down. BYOD offers an opportunity to reduce hardware costs by letting employees use their own laptops, tablets, and smartphones for work. However, while this option offers increased convenience, risk also increases; if you leave an insecure iPad with access to your systems at a coffee shop, you practically give the finder the keys to your small business’s kingdom. Indeed, one survey discovered that 20 percent of organizations have suffered a mobile security breach. Proactive BYOD policies ensure that applications on employees’ personal technology are installed and used correctly, that users are keeping security top of mind, and that access to a device that is lost or stolen can be remotely and immediately shut off.
Your data—and, perhaps more importantly, your customers’ data—is among your most important assets. If you suddenly lose access to your data, the business will suffer, maybe to the point of never recovering. With ransomware so prevalent today, you risk being blackmailed just to reclaim hijacked data. Strong backup measures protect your data from server meltdowns, cloud provider hiccups, and hackers, thus providing peace of mind that when the unexpected does happen, you’ll be ready to quickly resume operations.
Small businesses enacting IT security best practices often overlook a crucial element: the physical security of their technology. Access to the office may be unfettered during the day, and server rooms may be left unlocked at night. As already alluded to, a stolen computer can be just as damaging to the organization as a system that’s been hacked. Therefore, always keep the physical security of your operation in mind. You don’t necessarily require a security guard at the door, but simple measures and plenty of vigilance help deter would-be thieves.
Plenty of small businesses try to get a handle on IT security but never seem to get it right—and fail to realize they don’t have it right until too late. The best answer to this conundrum is to outsource security to a quality third-party IT services provider that can create the strategy that the enterprise can’t. The best providers handle all aspects of cybersecurity: firewalls, antivirus software, spam filters, governance, backup, and more. In the case of comprehensive managed service providers, security measures are tied into everything they do—from the hardware they install to the cloud migration they implement. Also, such experts are often a more cost-effective option than hiring in-house IT staffers. Cybersecurity is too important for small businesses to leave to chance; taking the third-party route offers the confidence you need that your IT will be safe.
Which IT security practices does your small business struggle with?