Hackers don’t just target big firms; small and medium-sized businesses (SMBs) are equally vulnerable. With the explosion of connected mobile devices, cyber intruders now have multiple points of access to companies of any size, making it essential for leaders to set up procedures and policies that restrict access to sensitive company data, know who is accessing their networks, and lock out intruders.
As the owner or IT director of a small company, the sooner you start thinking about security practices and incorporating them into your business plan, the better your chances of success. Following is a checklist of cybersecurity best practices for SMBs:
1. Aim for security practices that are easy to use and difficult to circumvent. Train employees and inform partners and clients on ways to ensure data safety.
2. Choose strong passwords as your first line of defense. These tips help make your passwords hacker-resistant:
- Choose a text string that is 8 to 30 characters long. This string should contain at least one number, one symbol (such as $,_,!,&), one lowercase letter, and one uppercase letter.
- Don’t use dictionary words in any language.
- Don’t use:
- License plates
- Pet names
- Social Security numbers
- Birth dates
- Phone numbers
- Any words related to your family, hobbies, vehicle, or work.
4. Manage your technology assets. Know what’s in your network—hardware as well as software— and make sure you keep these assets up to date. When you acquire new assets or update existing ones, always change the default passwords.
5. Monitor 24x7x365. Hackers don’t work business hours. Set up alerts to allow for immediate action to minimize damage.
6. Audit security policies and procedures for compliance to industry standards. For example, the SSAE 16 (Statements on Standards for Attestation Engagements No. 16) verifies the presence of security controls and processes and results in a Service Organization Control (SOC) report attesting to the sound design and operating effectiveness of the controls and processes reviewed.
7. Look to cloud-based network services providers to take advantage of robust security processes at a more affordable price. Make sure you understand the levels of security, the amount of technical support and guidance provided, and who is responsible for what.
Smart SMBs look for security measures they can take today, so they don’t miss out on opportunities tomorrow.
Ted Brown is Vice President of IT Operations at Network Alliance, Inc., a leading network management solutions provider in the Greater Washington, DC region.