Small Business Cybersecurity Checklist

February 2nd, 2018 | IT Security

From noteworthy data breaches to rapid increases in the number of ransomware threats, it’s no surprise that cybersecurity has become a major concern for companies. But the myth that cybercriminals only target large corporations is just that—a myth. In fact, 61 percent of data breaches happen to businesses with fewer than 1,000 employees. Data breaches, hacks and ransomware can have devastating effects on small and medium-sized businesses, often causing loss of reputation, clients, and revenue that may ultimately force the company to close. Although there is no guaranteed way to prevent a cyberattack, you can strengthen your business’s cyber defenses with these ten tips.

1. Use strong passwords

Eighty-one percent of hacking-related data breaches leverage weak passwords. Employee passwords should expire every 90 days and be required to have at least eight characters, be alphanumeric and contain symbols—this practice may cut down on the likelihood of their user accounts being hacked.

2. Backup your data regularly

Data backups are essential and keep your business up and running in the event of a cyberattack. Verify the integrity of your backups and make sure to test your restoration process to ensure it works.

3. Secure your offline backups

If your network is infected with ransomware, a backup may be the only way to recover your data. Ensure your backups are properly segmented or have a solution that protects against this.

4. Have a next-gen firewall

Protect your network and data by configuring your firewall to block access to malicious IP addresses. Next-gen antivirus technology can inspect files, identify malicious behavior, and block attacks that exploit computer memory and scripting languages.

5. Logically separate your networks

Malware can infect multiple devices and servers if they’re on the same network. Hosting your hardware on separate networks can prevent the spread of malware throughout your business.

6. Patch operating systems, software, and firmware on all devices

Consider using a centralized patch management system to ensure all your systems and devices stay updated.

7. Implement an awareness and training program.

End users are targeted by cybercriminals and often fall victim to phishing attempts. Educate everyone in your organization about social engineering and the threat of ransomware.

8. Scan all incoming and outgoing emails

Detect threats and filter executable (.exe) files from reaching end users by scanning your business’s email communication.

9. Block ads

Reduce your risk of picking up ransomware through malicious advertisements by blocking ads or access to certain sites.

10. Limit access within your network

If infected, users with administrative access could spread malware throughout your network. Users shouldn’t be assigned administrative access unless it is necessary. If you need help with the hassle of technology management, our IT consulting team can develop a plan for your IT solutions to align with business goals and objectives.