10 Indicators your small business is about to get hacked and system compromised
Once doesn’t need a crystal ball to predict that a small business is going to be hacked because the odds are high. According to a 2018 report, 60% of small and medium sized companies have been hit by a data breach. Even if all precautions are taken the risk still exists. Moreover, complacency puts an organization at peril of a serious business disruption, data and monetary losses and potential liabilities.
Here’s a few markers that determine the risk of being hacked.
Unprotected email
Email is one of the most common venues for hackers to gain access over company’s network. We’ve all received emails that sound too good to be true or asking us to click an unfamiliar link. A sobering stat – over 90% of successful hacks and data breaches stem from phishing scams, emails crafted to lure their recipients to click a link or open a document they shouldn’t. Training users how to detect and react to these threats is a critical line of defense against ransomware. If you host your email servers, make sure to use 3rd party spam filtering and email security services like Barracuda or Mimecast.
Loosey goosey web browsing policy
Uncontrolled internet access is a high-risk activity for any business, regardless of size. According to EfficientIP almost 80% of businesses worldwide suffered at least one DNS attack in 2018. Malicious or hacked websites, even reputable websites (compromised via advertising networks) are the primary vector for initiating attacks and downloads of malware that can be detrimental to your network. Consider protecting your network by curtailing access to www: malicious or inappropriate websites with a web SaaS filtering solution. Put in as the first line of defense against web-based attacks, or else brace for a hit.
No pro IT support
Even the smallest of companies are exposed to a cyber-attacks as they occur indiscriminately. Paying someone to evaluate your risks, install software, monitor network activity and keep things up to date is a critical and essential business cost – even the work is done on monthly basis. If you don’t have IT support – weather be a part time staff, consultant or outsourced to a managed service provider, get it today! When the hack strikes, is usually too late…
Lax security awareness
Most security problems, particularly at small companies, stem from employee related errors i.e. browsing bad websites, opening infected files, etc. Invest in a day of training a few times a year with a good IT security service so that your employees are aware of potential problems and can avoid taking your entire network and business down. There are many available today and they are reasonably priced. Rinse and repeat.
Running on unsupported operating systems
Thousands of computers around the world are still running older, out of date versions of Microsoft Windows. All hackers need is one vulnerable computer to attack and then can get on a network and wreak havoc. One of the best ways to avoid a hack is to ensure that all of your computers are running the most recent versions of Windows or iOS all the time. If a desktop or other device is too old to handle the new operating systems, then buy a new one. The cost will pale in comparison to the cost you’ll incur when you’re hacked.
Remote commuters and mobile users
When employees are mobile they are moving around with company’s data and it can be easily lost, compromised or stolen. If an employee or contractor is remote, then they are connecting to your database through online services and these have a chance of being hacked. Work with an IT person to make sure you have strong data management and connection tools in place for these remote people and make sure they’re being monitored.
Perimeter firewall
Having a firewall is like surrounding your company network with layers of walls and checkpoints. They manage all incoming and outgoing traffic through fully customizable rule sets and logging, detect and prevent malicious activities at the perimeter level and much more. If you don’t have one, your network is vulnerable to various cyber threats and attacks.
No BYOD policy
Are your employees allowed to? Most small businesses allow their staff to bring their own devices and use them for work. Unfortunately, this can wreak security havocs if they are not monitored. Many companies use remote management (RMM) software to install company apps on their employees’ devices for a secure access or issue their own devices that have been secured. One must have a BYOD policy to control and monitoring those devices.
Weak passwords
Most users are usually complacent with passwords – not only simple dictionary passwords are the most common, but they ger reused for various online services. Educate your staff on the importance of strong and regularly updated passwords. Enforce strong password policy with periodic changes for all critical systems. For even greater security, employ multi-factor authentication in addition to your robust password policy.
Employee turnover
Some industries, like seasonal businesses or restaurants, have more turnover than others. When employees leave, they sometimes they tend to take data with them to use with a competitor or other vindictive reasons. Treat your employees right and address their concerns limit turnover. Also, consider deploying DLP (data loss prevention) systems.
If you’re addressing these things you’ve increased your chances of NOT being hacked a whole lot!