Until a few years ago, small businesses were never considered particularly juicy targets for hackers. But with the proliferation of e-commerce companies and recent rise in cloud service use, cyberattacks on SMEs have risen sharply. While not all of us can afford corporate-grade security solutions, there are a few fundamentals that will offer basic protection for sensitive material.
Create a mobile device policy
Gone are the days when BlackBerrys were the only phones capable of storing sensitive information – today, every employee has a supercomputer in their pocket. Requiring employees to employ basic security controls on their phones will help prevent information leaving the workplace unprotected.
Employees should be required to set up password protection and data encryption on their phones, and to make sure that their phone automatically locks itself after a certain period. They should also be encouraged to turn off their phones’ Bluetooth and Wi-Fi when not in use, install mobile security software and check app permissions.
Secure your Wi-Fi network
Paramount to a safe workplace is a safe wireless network. Making sure your Wi-Fi is hidden, password-protected and encrypted will make it a lot harder for unauthorised parties to gain access. Be certain to change the default SSID (Wi-Fi network name) and set up WEP or WPA encryption (which encryption setting you choose will depend on the compatibility of your devices).
You may also want to set up a firewall and enable MAC address filtering. Positioning your router near the centre of your premises will help prevent your Wi-Fi from leaking onto neighbouring properties, reducing physical access to the network.
In today’s hyperconnected virtual environment, a single compromised account can expose an entire network of interconnected identities.
Train employees in cybersecurity basics
In today’s hyperconnected virtual environment, a single compromised account can expose an entire network of interconnected identities. The last thing you want is an employee’s Facebook account posting hateful comments they did not write, so it’s important that both their personal and professional online lives are secure.
Train employees to create strong, unique passwords for each of their online accounts. If they have trouble keeping track of their passwords, there are password management services that allow users to securely store and access their passwords. They should also be using two-factor authentication services, an additional identification barrier available for most major email and social media platforms.
Perform regular scans and backups
Having security software installed on your machines is a no-brainer, but won’t be as effective if regular scans are not performed. Scan your computers for viruses at least once a day.
Cloud processing and storage might have given rise to the mobile office, but it also offers some unique security challenges. Have systems in place to ensure regular back-ups of essential documents, and store those back-ups on a secure device, kept well away from the internet.
Joel Svensson is a Melbourne-based freelance writer specialising in politics and business.