Building a Cybersecurity Strategy to Protect Your Small Business

CCB_CommunityHero_11082019_Building a Cybersecurity Strategy

Small business owners have one primary focus: growing their business. That often means that they wear several hats at once — they’re opening the doors in the morning, working with customers or employees all day, taking care of administrative tasks, and drumming up new business.

Security and IT in general tend to be an underserved function for many small businesses due to limited staffing and skills. This may be a vulnerability that bad actors take advantage of, seeing as many small businesses have been attacked in the last 12 months. According to an AdvisorSmith survey, 42% of small businesses experienced a cyberattack in the last year, but 28% of the small business owners that were surveyed still haven’t implemented any form of cybersecurity protocols.

As more business functions go digital, ensuring you take measures to secure your network and connected devices is essential to keep your business up and running. And while most small businesses don’t have the resources of an enterprise security team, there are many key steps small businesses can take to begin closing security loopholes and protecting themselves now. It all starts with an end-to-end strategy covering traditional IT security, endpoint protection, policy setting, access control, and Internet security. Working with an Internet service provider that offers Internet and advanced security combined can help simplify some of their security needs.

Understand the risk and identify key digital assets

From phishing, ransomware, and malware to clickjacking, drive-by-downloads, and software vulnerabilities, there’s an ever-growing list of threats posing a danger to small businesses. Understand the threat landscape, and learn about what a successful attack could mean for your company. From there, identify your key digital assets: from the hubs of your network to the personal devices used by your employees and your customers, take stock of your digital landscape so you can learn how to protect it.

Protect your network access

Take a comprehensive approach, ensuring firewall, endpoint, and advanced network security tools are in place. Firewalls are still one of the most effective security measures, monitoring and controlling network traffic and placing a barrier between trusted internal networks and the outside world. Your WiFi network, whether internal or customer-facing, is a ripe target, and vulnerabilities have been found in even the most secure networks. Use a secure router in a safe location and secure keys that require a password to join. Every device on your network, whether company-owned devices or employee or guest personal devices, is also a potential point of weakness.

If you have employees logging on remotely, maintaining end-to-end security can be even more difficult. Implement end-point protection on your company-owned devices to continually scan and update for the latest protections. For remote workers, consider adding a business-grade Internet connection to their home offices.

Safeguard your access credentials

Implement an access control strategy, determining which people within your company need access to which types of data. On top of access control policies, ensure that the credentials of everyone in your organization remain protected. Implement password management and educate employees about the use of strong passwords.

Educate users

Make sure to train employees in basic security practices and codify best practices into policy. Areas of focus include strong passwords and appropriate Internet usage, as well as the proper handling of customer information or other sensitive data.

Ensure that network equipment and devices are updated frequently

The headline-grabbing WannaCry and Petya ransomware attacks a few years ago exploited Microsoft’s Windows Server Message Block (SMB) protocol. A simple update would have prevented infection, demonstrating the importance of patch management to staving off attacks. Implement strict patching policies to make sure users don’t ignore software update prompts or, even better, deploy automated patch management so no human action is needed.

Maintain backup and recovery

Especially when it comes to fighting ransomware, regular data backups are integral. If your data is held captive by hackers looking for payment to grant access, you remove their leverage if you have data backups handy. It’s a best practice to automate this process so you don’t have to rely on individual users to carry out the work.

Tap outside expertise

Cybersecurity is complex, and it’s hard to get a full grasp of cybersecurity without expert help. Especially for smaller companies, partnering with a managed security services provider (MSSP) can help you get started on the right foot, but even organizations that already have security expertise in house can benefit from tapping outside consultation to keep up with the ever-increasing volume of potential threats.

To protect against costly malware, ransomware, and bots, small businesses need to implement 360-degree cybersecurity measures that include anti-virus programs, firewalls, and network security solutions that proactively protect all devices connected to your network.

To keep their business running smoothly, busy small business owners need a comprehensive Internet solution that provides advanced security protection that’s also simple to use. Comcast Business SecurityEdge provides advanced security to keep your network safe by scanning for threats every 10 minutes—helping protect the Internet-connected devices that employees and guests use from malware, ransomware, phishing, botnets, and more. Comcast Business Internet provides a dedicated business-grade Internet connection to provide the largest, fastest, reliable network with speeds up to 10 Gigs.

Build a small business security strategy from the ground up

This article is available exclusively to
Comcast Business Community Members.

Join the Comcast Business Community to read this article
and get access to all the resources and features on the site.

It's free to sign up

Sign Up

for our newsletter

network-security

Learn how Comcast Business can help
keep you ready for what's next.

 

footerNew

for our newsletter