Cybersecurity Tips for Small to Medium Businesses

Cybersecurity Tips

Managing a small business is challenging and the day to day operations alone for a business owner can be overwhelming.  However, some smaller organizations make the mistake of trying to manage their IT Infrastructure alone.  Doing so, is a risky endeavor especially when trying to manage their business operations successfully.  Managing IT Services and IT Security are critical to any small to medium sized business.  Many owners take on this task with the idea that they can not afford to outsource their IT Functions and as a result end up spending much more money trying to fix IT problems, security issues, and malware infections in-house.  If more business owners understood the flat rate monthly pricing models many IT Service companies offer they would outsource these tasks.  The small business owners that put a premium on security are the same ones that hire managed IT services companies to secure their IT and mitigate risk.  Having a reputable IT company will reduce your headaches and allow you to run your business the way it should be with minimal downtime and security breaches.  Our recommendation is to find a reputable IT Support company to take the IT support burden away.  Having said that, we compiled a list of suggestions and tips to improve your security posture, mitigate risk, and prevent data loss.

  1. Secure your business website and social media accounts.  The best way to do this is to create strong passwords. Never leave default passwords on any device, desktop, switch, router or other account. Get recommendations from your hosting company or subscribe to a monthly service from your hosting provider for an extra layer of security. Make sure social media account managers do not share passwords.
  2. Secure your small business IT infrastructure. Use a reputable software to secure your desktops and devices from viruses, spyware, ransomware and phishing attacks. Update desktops and devices with the latest firmware, operation system  updates, and security patches..
  3. Employee training. Make sure your employees are involved in the Cybersecurity discussion and the potential impact of a security incident on the company and  their paycheck.  Some studies illustrate that some businesses will never recover from a cyber attack incident.  Create policies, procedures, and guidelines for proper IT resource usage and enforce them.
  4. Monitor and control  access to all IT resources.  It is critical that all systems are monitored at both the physical and remote access level. Devices and desktops are a bad actor’s dream when left unlocked or unattended. Make sure that employees do not share access credentials to IT Resources as this is a recipe for disaster.  Finally, only grant access to employees at a level that allows them to perform their job functions.
  5. Always have employees use complex passwords Create  password policies so that employees are required to create new passwords at a bare minimum each quarter.  Using two-factor authentication is a great way to promote login security and protect you from brute force password attacks designed to compromise IT resources.
  6. Secure your Network and Email Services.  All devices on your network need to be secure including smart devices with embedded operating systems. Make sure they are routinely patched and the firmware is updated. Some of these devices like cctv systems have default passwords out of the box. Make sure you change them before deploying them on your network.
  7. Backups, Backups, and more Backups. Make sure you have regular backups and they are tested each month. Many people consider a cloud drive as a “cloud backup”. Unfortunately, most if not all of those cloud drives need to also be backed up. For example, what happens if any employee deletes a document from your OneDrive or Google Drive? It’s gone. There are services available that will allow you to back these resources up as well.

These small business tips will get you off to a good start when it comes to securing your small business infrastructure, but you should still be searching for an IT Support company with a reputation that backs them up.

Leave a Reply

Your email address will not be published. Required fields are marked *