How to protect your small business from online crime

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.smallbusiness.co.uk/running-a-business/technology-in-business/2483986/how-to-protect-your-small-business-from-online-crime.thtml

Once upon a time, small business owners could protect their organisations
from crime through the installation of good locks, security cameras, and
staff training on how to catch burglars in the act.

Now though, more theft and destruction tends to be caused online than in
person, with the new type of criminal committing crimes from their computer
without having to even leave their home. Although many business owners
might not know it, cybercrime is a fast growing issue.

According to research conducted by PwC on behalf of the Department for
Business, Innovation, and Skills, a whopping 60 percent of small businesses
suffered an online security breach over a 12-month period, with the worst
of these attacks disrupting operations for an average of seven to ten days.

It’s clear to see that cybersecurity should be a top priority for business
owners, no matter the size of their organisation. Unfortunately though,
these types of attacks can be tough to prevent, especially with the
constant invention of new techniques and types of cybercrime. Police units,
too, struggle to keep up with the growing demand on their time and
resources.

If you want to keep your business as safe as you possibly can, it’s vital
that you stay up to date on the best ways to fight against cybercriminals.
> From hiring a business law specialist to help protect your intellectual
property, to training employees on security measures, and making sure you
have the right type of software protection, there are plenty of steps you
can take today. Read on to learn some simple yet effective techniques you
can put in place to keep your precious business assets out of the hands of
digital thieves.

Conduct a risk assessment

To start with, it’s important to conduct a risk assessment to work out what
the most important information and data is that your business holds. For
example, this could be intellectual property (in the way of trademarks,
domain names, and the like), or financial, employee, or customer records.

Once you’re clear on what it is that’s most vital to your company, and
where this data is stored, you can start assessing the potential risks and
threats that the business is open to. For example, it’s a good idea to
ensure that all relevant brand domain names and trademarks are secured
(something that specialist business and IP lawyers can help with). This
way, criminals cannot use legitimate-seeming email or web addresses to pose
as the business and take away revenue or commit illegal acts.

Choose passwords carefully

Believe it or not, one of the cheapest and simplest fixes for many security
issues is to choose more secure passwords that can’t be guessed by hackers.
Considering that two of the most popular passwords used on computers and
related devices around the world are '123456' and 'password', it’s easy to
see how many digital criminals access information without any struggle.

The best passwords contain a combination of both lower case and capital
letters, as well as numbers and symbols. Ideal code lengths are between
eight and 12 characters long, and are free from any personal relevance such
as birth dates, anniversaries, or children’s names. Change your passwords
on a regular basis (about every two or three months is a good idea) and
keep different codes for all the various accounts and logins used
throughout the office.

Make use of anti-virus and anti-spam software, and firewalls

One of the best ways to prevent cybercrime is through the installation of
anti-virus and anti-spam software and spyware on all computers used by your
business. Up-to-date aids like these can help stop criminal attacks from
occurring, as they protect systems from being infected by malicious
software and viruses that run background codes.

This malware can get into a system from a Wi-Fi connection, through spam
emails, or via illicit websites, and then captures data on all keystrokes
and login details entered. The information is then relayed to hackers who
use it to steal information and funds.

In addition, another top security step to take (especially for businesses
with sensitive customer information) is to install a firewall. A firewall
helps to protect computer systems from hackers who attempt to steal credit
card numbers, passwords, and other data, or who want to crash a computer.

Train your staff

Another top tip to avoid cybercrime is to train all of your employees on
the ways in which digital criminals work, and the various security measures
that need to be taken. This is because one of the most common security
holes for a business happens to be mistakes made by its personnel.

Educate your staff members on how to reduce security breaches by
recognising possible threats (spam emails being one of the most common) and
ensure that they understand the types of passwords that need to be chosen.
You can also set up a specific set of guidelines for all personnel to
follow when they’re using not just desktop computers, but also any laptops,
tablets, smartphones, or other work devices.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!