by Dave Carattini, CEO, Arizona Tech Works
(Editor’s Note: Arizona Tech Works was founded in 2007 to help organizations in Arizona get the most out of their business technology. Over the years, Arizona Tech Works has helped many organizations relieve their technology worries so that they can concentrate on growing their business and realizing their goals. Carattini can be reached at firstname.lastname@example.org, www.aztechworks.com, or by calling (623) 444-2395.)
Hackers prefer the little guy. The high-profile data breaches you read about in the news are only the tip of the iceberg when it comes to the digital crimes being perpetrated day after day, especially against small businesses. Today, according to a report by the National Cyber Security Alliance, 70% of hackers specifically target small businesses. Attracted by the prospect of easy money, they search for those organizations who underspend on protection, who have employees untrained to spot security risks, and who subscribe to woefully out-of-date practices to protect their data. As a result, more than 50% of small businesses have been hacked, while 60% of companies breached are forced to close their doors within six months.
Most business owners have no idea the danger in which they’re putting their livelihood by leaving cyber security up to chance. According to a survey conducted by Paychex®, 68% of small-business owners aren’t concerned about their current cyber security standards, despite the fact that around 70% of them aren’t adequately protected. In the face of an imminent, global threat to the very existence of small businesses everywhere, most CEOs offer up a collective shrug.
The tactics and software available to hackers become more powerful and sophisticated by the day, but with so many unwitting victims, most criminals don’t even need to work that hard to net a seven-figure income. By sticking to tried-and-tested tools of the trade, such as phishing, ransomware, and the subtle art of guessing passwords, they leech comfortably off the earnest efforts of small businesses all over the world.
So, what’s to be done? Well, first things first: You need to educate yourself and your team. Protect your organization against phishing by fostering a healthy skepticism of any email that enters your inbox. Make it a habit of hovering over hyperlinks to check their actual destination before you click. If an email is coming from someone you know, but the email address is different or the wording is unusual, verify it with the other party. And never, ever send passwords or personal details to anyone over the internet if you can avoid it.
Speaking of passwords, you probably need to upgrade yours. The majority of folks use the same password for everything from their Facebook account to their business email. The fact that this includes your employees should make you shudder. It may not seem like a big deal, and you might think, “Who’s going to take the time to guess SoCcErMoM666?” But, aside from the fact that simple software enables hackers to guess even complicated passwords in minutes, that’s not even usually necessary. Instead, they can just look at the data dumps from a recent more high-profile breach, such as the Equifax® fiasco, pull your old website from there, and type it into whatever profile they want to access. If you keep all your passwords the same across sites, it won’t take them long to dig into your most precious assets. To avoid this, implement a strict set of password regulations for your business. Use a business version of a password manager, such as PasswordBoss or RoboForm® for Business, so users need only remember one super-complicated password. Implement two-factor authentication on everything possible.
Of course, you can try to do all of this yourself by reading up on hacking techniques and watching YouTube® security videos then teaching your team until you’re blue in the face. A data breach can still occur. Cybercrime is constantly evolving, and staying abreast of its breakneck pace takes a dedicated awareness of the latest protective tools and measures. That’s why your single best weapon to defend you against the hackers at your door is to find a managed service provider (MSP) with a background in defending against digital threats to partner with your organization. These companies not only regularly monitor your network, they also implement the very latest in endpoint security. They keep it updated with the latest patches and measures to prevent the worst. And if crisis somehow still strikes, they’ll be able to get your network back up in minutes rather than days, equipped with an expert knowledge of your systems and years of experience in the field.
In today’s digital world, leaving your cyber security up to a subpar antivirus, a router from your local big box store, and some wishful thinking is more than irresponsible: it’s an existential threat to your company. But with a little savvy, a bit of investment, and a second opinion on the circumstances of your company’s security, you can rest easy knowing that no matter what comes, you’re protected.