Cybersecurity is complex, but small business owners can implement a few easy enhancements to improve their cybersecurity level. Remember, most important is to be aware of the risks and be proactive in addressing them.
Easy cybersecurity must do’s:
Manage your passwords. Use a password manager to quickly implement and manage strong passwords. Do not re-use or share passwords.
Whenever you have the option, use Multi-Factor Authentication (MFA). MFA will help you detect unauthorized access attempts to your accounts or applications. A common example for MFA is a SMS code sent to your mobile phone.
Secure your router. Change your Internet Service Provider (ISP) default router password and the wireless password.
Change the built-in firewall in the ISP’s router to the most secure settings. Add a separate firewall device to your Network if you know how to do it.
If you don’t need wireless, disable it. Access to ethernet cables is more difficult than to your wireless network. If you must have wireless, make sure the password is strong and that you use the latest security protocols (WPA3 is best).
If you must provide wireless for non-employees in your business, create a Guest Network. Guest Network allows visitors to access the Internet only and not your internal network and devices on the network.
Make sure all the end-points on your network are kept protected. Daily updated anti-virus software is a great start, but Endpoint Detection and Response (EDR) software provide much more protection for a very small cost. Definitely a worthy upgrade.
All devices (computers, mobile phones, printers, etc.) that connect to your business network must be kept fully updated.
Backup your important data. Choose a secure cloud service rather than the usual cloud suspects. Try to diversify where you store the copies of your data: cloud, office, home is a recommended mix.
Get everyone on VPN. VPN is a secure tunnel in the internet that isolates and protect s your traffic from others’ traffic. Think of it like running your own water hose inside a river. Your water does not mix with the water outside and no one has access to it. This is especially important with cloud usage and remote work.
Educate your employees about cybersecurity, the risks, what scams and attacks look like and what to do or not to do.
Restrict access to your company’s crown jewels. Less access makes you more secure. Make sure only people and devices that have a viable reason can access the information.
Understand that these are easy wins and improve your cybersecurity posture (level) but this doesn’t make your business totally immune to cyber attacks. It is always worthwhile getting advice and support from experts who can make sure your business is protected and cyber resilient.
Email communication is crucial to run your business, but it also presents a large cybersecurity risk. Consider getting an Email Security solution to prevent attacks before they land on your devices. This additional layer of security is affordable and can save you a great deal of money and grief.