According to a 2013 report by Symantec, the number of cyber-attacks that targeted businesses with less than 250 employees tripled from 2011 to 2012. Despite the outsized percentage growth, the increase of the attacks on small business networks is not surprising for industry watchers due to the fact that cyber criminals have been setting their sights on less secure networks for years. Motivated by higher success rates and increasing amounts of data that can be lifted with each intrusion, hackers in 2012 targeted small businesses in almost one out of three of their attacks.
One of the primary reasons for higher success rates in attacks on small businesses is directly related to smaller network security budgets, however, there are 3 measures that can be implemented which can add significant protection while costing little or nothing.
- Provide ongoing education for employees on their role in the security of the network – Employees are often unaware on how specific actions can put the security of the network at risk. Two areas where employees often leave the door open to cyber attacks are the use of template-style passwords, such as “password”, and staying logged on 24/7. A simple tutorial on the creation of highly secure passwords is as easy as sending an email to employees with industry recommendations as well as a list of passwords that will no longer be accepted by the company. In the world of BYOD, where devices access the network in cafes, on park benches, in taxis, etc., a logged on device that falls into the wrong hands can be disastrous. Teach your employees to get in the habit of logging off from the network whenever they finish a session.
- Stay current with anti-virus software updates – One key aspect of cyber crime can be characterized as the constant building of better mousetraps, meaning that new and improved ways to crack a network are always being developed. The best ways to stay ahead in the game is to pay attention to incoming anti-virus software updates and activate them immediately.
- Develop tiered access levels – In most businesses, the receptionist does not require access to the entirety of proprietary information on the network. Tiering access across the network according to specific criteria can mitigate damage from a successful intrusion by adding security features behind the firewall.
Small business networks are firmly on the radar of hackers. Even with a shoestring budget, these steps can enhance network security so that a business doesn’t look like a sitting duck in the crosshairs of cyber criminals.