Large enterprises typically have the resources to protect their networks against the ever-evolving landscape of cybersecurity threats. However, smaller businesses have tighter budgets and fewer resources. Hackers know that, which is one of the main reasons they target small businesses, and the latest SMB cybersecurity threat research demonstrates this reality. To compound matters, small companies with remote workforces have a new set of security considerations to contend with.
A cyberattack can have serious consequences, with some small businesses shutting down for good due to the fallout. These are high stakes. With that in mind, here are seven key security recommendations for small businesses:
Educate users: No amount of technology can completely protect your network and data. User training and awareness are crucial to building solid defenses. According to a World Economic Forum report, 95% of cybersecurity issues are traced to human error, making humans the “weakest link” in IT security. Trained workers, however, shift from liabilities to assets, becoming your first line of defense against cybersecurity threats.
Secure endpoints: Laptops and mobile devices are among the most vulnerable endpoints or entry points to a network. Whatever the device, all endpoints must be secured to help prevent a breach. Many traditional or anti-virus tools block only the malware they recognize based on signatures written into the AV software. More sophisticated endpoint protection platforms scan and block malware using a constantly updated threat list, protecting every device on the network.
Apply security patches: Left to users, many security patches will be ignored, creating vulnerabilities that hackers know how to exploit. The infamous infrastructure-crippling pipeline ransomware attack, amongst other recent high-profile incursions, has brought the issue back to the top of the news cycle, and attacks have only continued at a considerable pace ever since. Remote work is complicating the problem and exposing new vulnerabilities. Many ransomware attacks exploit vulnerabilities that can easily be fixed through proper patch management. Businesses need strict patching policies so users don’t ignore software update prompts. Preferably, companies would deploy automated patch management, taking users out of the equation.
Deploy firewalls: Think of a firewall as a sentry that allows only authorized guests into a building. Firewalls block unauthorized content with controls, such as access denial to IP addresses known to deliver malware. Even if a malware payload is delivered, a firewall can prevent it from communicating with the command and control server from which it would receive instructions to lock out data. This action could stave off infection until the malware is detected and removed. Firewalls let you choose which types of content to allow into your network, blocking unauthorized data while still allowing outbound communications. For remote workers, tapping business-grade Internet and connectivity can help.
Enforce password policies: Although users tend to resist them, passwords are necessary and should be changed regularly. Require users to use combinations with numbers, special characters, and upper and lowercase letters to make passwords harder to crack.
Prepare an incident response plan: Prevention is critical to a cybersecurity strategy, but you cannot ignore another vital component — incident response. Since no security measure is 100% foolproof, businesses must prepare for the eventuality of a breach. Every business should have an incident response plan (IRP) outlining what steps to take and who is responsible for the response following an incursion. Without an IRP, minimizing the damage of a breach is hard if you’re unclear on what actions to take. Some malware infections spread at lightning speed once a network has been breached, so reaction time is critical. Trying to devise a response plan after an incident has already occurred is too late. And remember, cybersecurity experts warn that for most businesses, a cyberattack isn’t a matter of if but when.
Build a cross-functional security team: Avoiding, preparing for, and responding to security breaches involves more people than those in charge of IT and cybersecurity. Technical staff are usually the first to spring into action following an incident as they seek to identify the problem, assess the damage, and start remediation, but the response also includes non-technical aspects. In addition to employees, it may be necessary to notify customers and suppliers about the breach, so there is work for management and other functions like marketing, PR, HR, and legal.
Small business owners aren’t ignorant of the cybersecurity threats they face, and many worry that they aren’t adequately protected. After all, a recent survey found that 30% of small business owners say they are unprepared to defend against a cyberattack or recover from a data breach. So, many don’t have the infrastructure and systems to protect themselves and may not even know where to start.
Considering the relentless pace of cyberattacks, doing nothing is simply too risky. Whether it’s costly malware, ransomware, bots, or a phishing attempt, small businesses need to implement cybersecurity measures, including anti-virus programs, firewalls, and network security solutions that proactively help protect all devices connected to your network. See how Comcast Business SecurityEdge™ can help protect the Internet-connected devices that employees and guests use every day.