It’s easy to think that cyber-criminals wouldn’t waste their time hacking your business because it’s too small. It’s harder to accept that you’re wrong.
Although the break-in might not make headlines, your company is a juicy target for online crooks. Why? You probably spend less time and money on security than large companies — and, perhaps more importantly, your business’s bank balance is likely to exceed that of the average consumer account.
Here are four security mistakes and misconceptions that commonly affect small businesses, plus some quick tips for how to avoid them.
- You reuse passwords. Strong passwords for your network, bank accounts, and other sensitive areas are a fundamental security practice. But even the strongest passwords carry significant risks if you or your employees reuse them across a variety of websites and other systems. The reason: If an unsavory sort gets hold of your Twitter password and you use the same password for your customer database and other valuable business information, then a relatively small problem can snowball into an enormous one. Use unique passwords and change them regularly, especially for financial accounts and other high-risk information.
- You use outdated software. Cyber-criminals love it when you run older software. Updates often address security issues found in previous versions; those fixes are usually included in release notes, which means everyone knows about those flaws — and can exploit them on machines that aren’t updated. The Windows operating system, web browsers, and Adobe applications are usually considered the top priorities. But don’t forget about other tools, too — the more popular they are, the bigger the potential target (blogging platforms such as WordPress are a good example). So, stay current on your software. Turn on automatic updates when available, especially for Windows.
- You protect your computers but not your mobile devices. The mobile boom has been a boon for some businesses, but it’s not without its downsides. Smartphones and tablets have become a huge new terrain for malware and other security risks. The ease with which those devices can be lost or stolen only complicates the matter. Don’t fall into the trap of thinking you’re safe simply because you take steps to protect your computers. Only download apps from trusted sources, and use security and device-lock apps for any business phone or tablet.
- You think your money is safe. Banking and other financial information is quite often a small business’s biggest security risk. If those credentials fall into the wrong hands, you might quickly find your accounts emptied. Some small-business owners take a laissez-faire approach to online banking security because they assume their bank will replace stolen funds. That’s false. Business accounts don’t come with the same protections that consumers enjoy. It pays to be paranoid when it comes to your business’s financial information. For starters, no legitimate financial institution will email you and ask for your username and password; treat any such request as guilty until proven innocent.