Thursday, 28 March, 2024

Protecting Your Small Business From Cybersecurity Threats During Covid-19


Reading Time: 5 minutes

Given the economic impact of Covid-19 and heightened tensions with China, many are concerned that businesses will cut budgets and overlook the serious threat of cybercrimes.  Last year, I sat in on a cybersecurity seminar my client in Tulsa held for his employees and it really opened my eyes to the risks small businesses face today to cyberattacks.  

Cyberattacks continue to be reported in significant numbers by small businesses and these attacks are becoming more sophisticated and more severe. The FBI has reported a 300% increase in cybercrimes since Covid-19.  Consider the following statistics:  

  • 18.5 million websites are infected in any given week, and 80% of these websites are small business web sites.

 

  • 400,000 new pieces of malware (which is usually delivered via e-mail and can steal, alter, and delete data) pop up on the Internet every day, and 58% of malware attacks are against small businesses.  

 

  • 54% of all organizations were hit with ransome ware in 2017 at a cost of over $5 billion dollars.

The most common problems highlighted during this seminar were: (i) weak password policies, (ii) unprotected mobile devices, (iii) not performing software updates in a timely manner, (iv) non-existent employee training, and (v) a lack of investment in cybersecurity.

Hackers can break into most passwords in less than 10 minutes. Small businesses can strengthen their password policies by having their employees change their passwords quarterly, and by following “The 8+4 rule.”  “The 8+4 rule” strengthens passwords by mixing eight characters with four different types of characters — upper case, lower case, symbols, and numbers.  If you add one additional character, (8+4+1) that password will take a hacker 44,000 years to crack.  

Because most hackers break into a network through one’s e-mail and many employees today access their employers network through their smart devices, it is also important that businesses create a “mobile device policy,” which, at minimum, should include the above “8+4+1” password policy.  Information about creating a mobile device policy can be found on the Internet. 

There is no excuse for not performing regular software updates as they can be automatically programmed when setting up most software today, albeit performing regular software updates still needs to be part of an employee training program on cybersecurity.  

The Small Business Administration (SBA) offers a free cybersecurity training module that can be downloaded from the Internet to train your employees. The SBA also promotes the following ten-(10) cybersecurity best practices: 

 

  1. Protect your business against viruses, spyware, and other malicious code.


Make sure each of your computers and mobile devices are equipped with antivirus and antispyware and configure all your software to install updates automatically.  These updates provide patches that protect against problems and maximize the functionality of your electronic devices. 

 

  1. Secure your networks by using a firewall and encrypting information.


If you have a Wi-Fi network, make sure it is secure, hidden and password protect access to your Wi-Fi network or router.  To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, which is known as the Service Set Identifier or SSID. 

 

  1. Establish security practices and policies to protect sensitive information.


Establish policies on how employees should handle and protect personally identifiable information and other sensitive data.  Clearly outline the consequences of violating your business’s cybersecurity policies and enforce these policies.

 

  1. Educate employees about cyberthreats and hold them accountable.  

Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites.  Depending on the nature of your business, employees might be introducing competitors to sensitive details about your business.  Employees should be informed about how to post online in a way that does not reveal any trade secrets to the public or competing businesses.   And hold your employees accountable to the business’s Internet security policies and procedures.

 

  1. Require employees to use strong passwords and to change them often. 


Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account.

 

  1. Employ best practices on payment cards. 


Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used.  You may also have additional security obligations related to agreements with your bank or processor.  Isolate payment systems from other, less secure programs and do not use the same computer to process payments and surf the Internet. 


Also, shift from magnetic-strip payment cards to safer, more secure chip card technology, also known as “EMV.”  (Visit SBA.gov/EMV for more information and resources.) 

 

  1. Make backup copies of important business data and information.


Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files.  Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud. 

  1. Control physical access to computers and network components 

Prevent access or use of business computers by unauthorized individuals.  Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended.  Make sure a separate user account is created for each employee and require strong passwords.  Administrative privileges should only be given to trusted IT staff and key personnel.

  1. Create a mobile device action plan.


Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks; and be sure to set reporting procedures for lost or stolen equipment.

 

  1. Protect all pages on your public-facing websites, not just the checkout and sign-up pages.

 

Cybersecurity is one of the most serious economic and national security challenges we face as a nation today.  The good news about protecting your business from cybersecurity attacks is that it isn’t expensive, and business owners can quickly make the necessary investments to protect their businesses from cyberattacks; however, if you think that your small business is not likely to be hacked in the future, it’s time to change your thinking and take action to protect your business from the risk of a costly, future cyberattack.

For additional information about cybersecurity during Covid-19, go to CISA.gov. CISA stands for the Cybersecurity and Infrastructure Security Agency, which is an agency within homeland security to advise against risks, work with partners to defend against today’s threats and collaborate to build more secure and resilient infrastructures. 

Looking for more information about successfully navigating the Covid-19 Crisis

 

Our Small Business Owner’s Covid Survival Kit is available through our on-line store on my Square web site https://greater-prairie-business-consulting.square.site/

 

It contains over two dozen files filled with a plethora of financial, tax, HR, safety, leadership, sales, marketing, and government information to help business owners survive the Covid Coronavirus Crisis. 

 

We offer a 100% Money Back Guarantee if you are not completely satisfied, and free updates. 

James J. Talerico, Jr., CMC © 

 

About the Author –

 

A nationally recognized small to mid-sized business (SMB) expert, Jim Talerico has consistently ranked among the “top small business consultants followed on Twitter.” With more than thirty – (30) years of diversified business experience, Jim has a solid track record helping thousands of business owners across the US and in Canada tackle tough business problems and improve their organizational performance. 

 

A regular guest on the Price of Business on Bloomberg Talk Radio, Jim’s client success stories have been highlighted in the Wall St Journal, Dallas Business Journal, Chicago Daily Herald, and on MSNBC’s Your Business, and he is regularly quoted in publications like the New York Times, Dallas Morning News, Philadelphia Inquirer, and on INC.com, in addition to numerous, other industry publications, radio broadcasts, business books, and Internet media. 

 

Jim Talerico is a certified management consultant CMC ©, an honor bestowed on only 1% of all consultants worldwide. He is also the founder and CEO of Greater Prairie Business Consulting, Inc. 

 

For more information about Greater Prairie Business Consulting, Inc., go to: www.greaterprairiebusinessconsulting.com

 

Increase your knowledge of the latest small to mid-sized business (SMB) trends by tuning into Jim’s regular appearances on the Price of Business and by reading his always interesting blogposts at The Daily Business Journal and The USA Daily Post. 

 

Social Media Links: 

 

www.LinkedIn.com/in/JamesJTalericoJr 

 

www.Twitter.com/JamesJTalericoJ 

 

www.Facebook.com/GreaterPrairieBusinessConsulting

 www.Instagram/James_J_Talerico_Jr_Small_Business _Expert

 

0 comments on “Protecting Your Small Business From Cybersecurity Threats During Covid-19

Leave a Reply

Your email address will not be published. Required fields are marked *

VIDEO: This Week’s Best of our Network

GDPR Compliance

DBJ does not collect data on its visitors.

USABR: Nationally Syndicated Radio Distribution

Contact

Contact  articles@usabusinessradio.net
for more information on articles on this site. bmuyco@usabusinessradio.net for all other information.

Kevin Price’s “New Rich” Book Ready for Pre-order for 99 cents!

The Price of Business Visits with Robert Kiyosaki on 20 Years of “Rich Dad Poor Dad”

The author of the best selling finance book of all time celebrates its 20th anniversary in a series of interviews with Kevin Price on the Price of Business.

Adventures in Quora with Kevin Price

Kevin Price, Editor at Large of Daily Business Journal and host of the nationally syndicated Price of Business show writes frequently at Quora about issues ranging from politics to personality types. His favorite answers are also found at USA Business Radio.

#METOO REHAB

The Best in News and Thoughtful Commentary

All the News. All the Time

PMWorld 360

Archives

NONE OF THE OPINIONS IN DAILY BUSINESS JOURNAL SHOULD BE CONSTRUED AS BEING THOSE OF DAILY BUSINESS JOURNAL

For more information regarding content, see the About page.

Recent Comments

    RSS
    Follow by Email
    YouTube
    YouTube
    LinkedIn
    LinkedIn
    Share