Keep data and systems safe by following security best practices.
For time-strapped small business owners, minimizing computer viruses, data theft, and other technology threats often takes a back seat to day-to-day tasks. Yet guarding against these threats can ultimately save you money, time, and your reputation.
Help reduce your risk by making smart technology decisions and establishing ground rules for your employees. Areas to focus on include:
Data breaches. At a minimum, data breaches can tarnish your reputation; at worst, they can be so costly that a business—particularly a smaller firm—may not recover. Choose a Web hosting service from a reputable provider with security features, such as Secure Sockets Layer (SSL) encryption, for receiving visitor information. If you sell products on your site, look for an eCommerce hosting service with Payment Acceptance Best Practices (PABP) compliance, encryption of orders on the server, and other features to help secure customer information. Require employees who work from home to access the organization's network through a virtual private network (VPN).
Viruses and other malware. Keeping your antivirus software up to date can help lock out intruders. Train your employees to help maintain network security by never opening unsolicited attachments or clicking suspicious links in email messages. Warn them against downloading freeware, which may have malicious software called malware embedded into it, and consider developing a list of websites that they may visit. Many of these malware programs can damage the hardware or software to the point of rendering a computer useless.
Identity theft. Consumers are not the only targets of identity thieves; small businesses can be targeted if they lack the resources devoted to information security. Help reduce the threat of your business information being used for fraudulent purposes by password-protecting sensitive files, shredding physical records that are no longer needed, and monitoring your accounts on a regular basis. Check if your business information in public databases can be kept private; for example, some Web hosting providers allow you to add privacy to your domain name listing for a nominal fee.
Security awareness. Many security best practices may seem obvious, but it’s best to review them with your team. Emphasize the importance of changing passwords every few months and keeping them in a secure place—not jotting them down on sticky notes and leaving them under the keyboard. Advise employees against checking work email from public computers in hotel business centers, coffee shops or other places on the road, where prying eyes or keystroke logging tools can record user names, passwords and emails from unsuspecting users. If your employees must use a business laptop or other mobile device off-site, emphasize the importance of accessing the organization network through a VPN.
Consistency. Take the time to help secure each computer in your network and reduce headaches down the road. Be sure that antivirus and anti-spyware software is installed on new computers and that they scan the systems on a regular basis. Computers should be configured to receive automatic security updates to their operating systems since new viruses continue to target operating system vulnerabilities. To help guarantee strong security, consider storing your business data and software in the cloud. Good cloud service providers use highly advanced security software and have technical experts standing by to help fend off IT threats.