Now more than ever, small businesses have more to worry about with respect to security, than just their local burglars and conmen. Small businesses now need to avoid being hacked by cyber criminals.
Historically, small businesses were rarely victims of data hacks, as offenders went after the big names before anyone. Well, times have certainly changed. SMBs are now much more susceptible, and attacks on them are perhaps even more detrimental than those of large retailers because they lack the necessary funds and resources to recoup their losses. Here are some best practices to prevent calculated breaches against your small business:
Accept That it Can Happen To You
Sounds simple and maybe even a bit silly to include here, right? Wrong! Despite all of the recent articles and media hoopla around data breaches, most of your average small business owners, regardless of their region in the US, still do not believe that data hacks affect them and their customers. I’ll just begin this list by reminding you that the US has over 50% of the world’s credit card fraud, although less than 25% of the world’s card transactions occur here – and that’s just one aspect of data hacks. With numbers like these, it’s obvious why it’s so important to take steps to prevent yourself from being hacked.
Manage The Cloud Effectively
Though awareness and understanding of how the ‘cloud’ works is increasing substantially, there are still many small business owners who are not using it to their advantage – particularly with creating different layers of access to certain information. The beauty of cloud storage and communication is that you can “manage permissions”. What that means is, for every document, calendar, or email list that you create, you can permit or restrict access to specific people. You shouldn’t just use the cloud to store all of your data and documents in one place. Instead, separate them by level of sensitivity and divvy up access accordingly. This simple step can great help you in avoiding being hacked. Consider storing and sharing information on different services if necessary. For example, store documents such as important licenses and permits on Dropbox, while saving item lists and company financials on Google Drive. There are so many free or inexpensive cloud providers out there now, that there’s rarely a need for small businesses to ever pay for premium accounts.
Create Layers for Wifi Use
You’ll read everywhere that offering free wifi to customers at your business will encourage them to hang around, and thus positively impact your sales – this is absolutely true. However, proper management of your wifi network(s) is necessary to prevent you from being the next breach victim. A good practice is to establish two different networks – one for you and your staff, and a ‘guest’ wifi for customers. Both networks should be password-protected as well. If you have an office in the back somewhere with computers, tablets or other devices that you’re conducting business with over wifi, i.e., managing your books, sales reports, point of sale, payroll, sensitive employee data, etc., it is especially important to establish two separate networks.
Mobile is no longer the platform of the future—it is the platform of now! All forms of communication – professional and personal – have moved from the desktop to your favorite pocket device. What that means for small businesses is that anything you send to your employees is being viewed on mobile devices, and thus it is equally important to secure those as well. A best practice is to encourage your employees to password-protect their devices or use a pin to access, or even better – TouchID and other fingerprint authentication systems. Granted, you cannot mandate this on your employees’ personal phones but it doesn’t hurt to communicate the importance. Additionally, use two-step authentication. I know, it sounds intimidating, especially to the average small business owner who isn’t sharing a load of data with their employees, but believe me, it’s really simple and quick. With two-step authentication, a text or email is sent to your phone with a code that you must enter before you can log in to a service on a different computer. In short, it prevents hackers from logging into your accounts remotely. We use it here at ShopKeep for all of our Google cloud services.
These are just a few quick and easy steps that can go a long way in protecting yourself from being hacked. If you have any other best practices that you currently use for your business, please share them in the comments section below!