In today’s hacker environment, it’s no longer a question of if, but when, a data breach will strike.
As a small business owner, you’re a pretty big target – a 2016 report showed that about 1 in 40 is at risk of falling victim to cyber crime.
But you wouldn’t be the first to be overwhelmed by the nuances of data protection, which, for all intents and purposes, is a job in itself.
To help break it down, here are eight fundamental ways to protect your business from the threats of the dark web.
1. Conduct a security audit.
If you’re like most retail store owners, you’re probably not even sure what data needs to be protected. In that case, a security audit is a great place to start. Bring in a professional to comb through your IT infrastructure, identify vulnerable areas, and recommend exactly how to keep hackers at bay. Even better, hire a security vendor to do it for you. Believe us: It will be well worth the investment.
2. Don’t compromise on anti-malware and anti-virus protection.
Spam emails and harmful websites are so easy to come by that nobody is truly safe from malicious software. Your next investment should be in an industry-standard anti-malware and anti-virus protection for all your machines and mobile devices. (And while on the subject of malicious activity, don’t forget to secure your hardware, too – small stores are four times more likely than homes to suffer a break-in, which is how many data breaches begin.)
3. Create strong (and multiple) passwords.
We all know passwords work best when consisting of a crazy combination of capitals, numbers, and special characters, but a surprising (or maybe not so surprising) number of us don’t bother. Most people underestimate how easy it is for hackers to crack passwords, even though all it takes these days is a simple “dictionary attack.” Make your passwords as complicated as you can, create a separate password for everything, reset them regularly and, though tempting to write them down, try to commit your passwords to good old-fashioned memory – just about the only thing hackers can’t access!
4. Keep your software up to date.
How many times has that same software update pop-up been postponed for another day? (Not judging – we all do it.) Unbeknownst to the majority of people who don’t read the details, many updates fix critical problems like security vulnerabilities for which hackers spend hours scanning the web. The best thing you can do is put all work aside and install the update like, yesterday.
5. Back everything up.
Knock on wood, but if anything happens to compromise data that isn’t backed up, you’ll lose it. Ensure all company data is backed up automatically and test every backup to double check recovery is possible. Back up several times a day. Eat backups for breakfast! It may seem obsessive, but every hard drive will fail eventually.
6. If you store it, encrypt it.
Whether it’s for employee social security numbers, credit card details, or last month’s sales report, encryption is a small business owner’s best friend. Like backing up, this is designed for contingencies. If encrypted data is lost or stolen – say, a thumb drive disappears – whoever accesses the data won’t be able to read it.
7. Educate your staff.
Last year, employee errors were responsible for over 90 percent of cyber attacks. If your employees aren’t clued up on the basics (recognizing phishing emails, taking passwords to their graves, and working only on secure networks, for example), they can give away information without even realizing. Establish clear, simple security policies and ingrain them firmly into your team’s culture. Also, think of these policies as a fire drill: Your employees shouldn’t only know how to prevent a fire; they should also know what to do in the event of one.
8. Know your enemy.
For your employees to be truly cyber-savvy starts with your leadership. While you don’t need to be an expert in cyber security, your most important role in this effort is to do your research on common scams – which are growing more and more sophisticated by the minute – and stay up to date with them (The Hacker News is a great place to register for email updates). Even basic knowledge goes a long way in staying a step ahead of hackers.
Ultimately, protecting your business is going to take collective responsibility; none of these tips are useful when going at it alone. Only together can you and your employees work to create the safest environment possible!