Just because it’s small doesn’t mean your business is immune to security breaches and hacker attacks. In fact, small businesses tend to be even more at risk, because they are less likely to take steps to protect themselves. Yet securing your small business doesn’t have to be complicated. Avoid these four common security mistakes, and you can feel better about your business’ security
1. Not setting and enforcing usage and security policies. Never neglect creating a usage and security policy. Many viruses come onto computers and networks because people let them, such as social networking sites are susceptible to viruses; emails can contain phishing scams and malicious attachments. Policies can protect your business. Employees need to know when and what they are allowed to access on your business’ network and computers. Policies should also be established regarding passwords, confidentiality, and usage of data and software.
2. Failing to update automatically. This is one of the most overlooked security measures you can take to secure your small business, and one of the simplest. All updates should be set to automatic. This includes virus updates for anti-virus software, security patch updates for your operating system, and firewall, browser and software updates. Just be sure to check on these from time to time, to see if updates have occurred.
3. Not properly securing all endpoints. Pay close attention to mobile technology such as smartphones and tablets. These endpoints need to be password protected, with a strong password that changes every few months. You should also enable the remote wipe capabilities on these devices; if they’re lost or stolen, you can wipe all data from the device. At the very least, your devices need to be encrypted, have a firewall and secure operating system, and contain anti-virus protection.
4. Not securing both data at rest and data in transit. Stored data, or data at rest, is usually pretty well secured in the office. Yet an increasing number of attacks are occurring on data in transit — either while it is being accessed remotely by an employee or traveling across the Internet. You should consider a virtual private network (VPN) for employees accessing business data outside the office; this encrypted connection can help protect data in transit
Related posts:
