The Cyber Security Tips for Small Business You Need Now

I’ll be honest, I’ve been thinking about writing a post about how to protect your business from cyber-attacks for a few months. But it somehow never makes it to the top of the list of things I want to talk/write or post about.  After all, its not really my field of expertise.

However, after years of working with clients to help them understand how to safely share private financial information with me, I’ve been a bit (ahem) passionate on the subject. Too often, convenience and poor habits get in the way of treating our own information with respect.

But really, do you want to be a sitting duck? More than 43% of cyber attacks are against small businesses.

So, while President Biden’s recent warning about likely cyber attacks from Russia may not feel like something you can deal with, this is an excellent moment to review and upgrade cyber-security procedures in your small business.

Stop and consider for just one moment: How could a major cyber-attack affect your company?  Just think about all the ways your business relies on web-based services for communications, finances, marketing and sales.  Could disruption in any of those areas stop your business cold? How can you protect your business from this disruption?

Here is a two step process you can use to protect your business: 

1. Get the basics in place and make sure your team is actually using the security protocols you establish.

2. Look for ways you can create resilience through redundancies – which just means creating secondary ways your business can continue to function; even if larger systems are down for a few hours, or a few days.

The Basics of Cyber Security for Small Businesses

1. Make sure all computers and devices are protected with antivirus or anti-spyware. Note: the word ALL includes your smart phone and tablet if you use these to access business accounts or information. Picking a strong anti-virus service isn’t hard, and doesn’t take long. But make sure you are looking at reliable and current information when you read reviews. Get your search started with this round-up post.

2. Ensure that all passwords used to access key sites are complex and secure. I recommend using a third-party password app such as 1Password or LastPass. 

3. Add 2FA (2 Factor Authentication) to all online communications and financial accounts — including banking, credit cards, point of sale, payroll, etc. Then, use them and require your team to use authentication apps like Google Authenticator or Authy to provide this extra layer of security. (Yes, something is better than nothing. No, having a code texted to your phone is not as strong security as using one of these apps.)

4. Download critical documents stored in the cloud, so you have duplicate copies stored offline. These documents include financial and accounting records, copies of your online assets (website, image galleries, etc.), and operational procedures and training documents.

5. Routinely move all of these backup copies to an external hard drive. Your business needs can determine the frequency, but I recommend daily or weekly.

6. Use encryption for your WiFi networks, online file storage, and emails to protect the contents of the data you store and send online. To be honest, this point could be a post all on its own! For now, think about how best you can protect information you send and receive online and begin to utilize the built-in protection most programs offer.

For more resources on cyber security for small businesses, check out:

✔️ Cybersecurity Toolkit for Small Business from the Global Cybersecurity Alliance

✔️ This informative PDF from Ready.gov/cybersecurity

Next Level Security: Create Redundancies to avoid outages

Where do you need redundancies in your business?

Imagine major system-wide outages — banking, communications, web hosting, even local utilities.  How could your company continue to do business if these went down? This is a core part of an emergency response plan that every business should have prepared.  

While all the possible points of failure are probably overwhelming to think about, it is possible to create secondary systems in a step by step process. Here are a few ideas:

1. Have a secondary way for your team and customers to communicate. Some examples include SMS, Signal, and Telegram. Check out this resource from Tom’s Guide for more details and ideas. 

2. Establish ways customers can pay you if electronic banking services are disrupted and clearly communicate that to your customers. A simple mailing address or P.O. Box would work for most small businesses. 

   For larger companies, a bank lock-box system could be worthwhile. If you have physical retail stores, be prepared for the possibility of an increase in cash transactions.

3. Consider adding network redundancy to your business operations. Network redundancies involve having storage or computing capacity in remote locations or in separate networks.  While this may seem complicated if you run an online business you probably already have some of this in place.  Network redundancy is critical for any business operating online. Learn more about network redundancy from Techopedia here.

Remember, while these tips for upping cyber security for small business is not a one and done activity. Savvy companies continually and regularly look for ways to reduce risk and improve security.

It’s up to you to protect yourself, your team, and your business.

More Support for Your Small Business

If you are an entrepreneur focused on social impact and are ready for more support in your small business, request  a free 30-minute meeting with one of our CFOs.  

The focus of the conversation will be on your business, the challenges that are top of mind for you, and the actions you could be taking. We’ll also help you determine the next best step for you!