Cybersecurity & Small Business

Submitted by Federated Insurance

Hackers increasingly target small businesses because there is a low risk they will be caught and a high probability they will be successful.

Banking, credit, and vendor account information is vulnerable. Even if that valuable information is not stored on an Internet-connected computer, employees who have access to it can be duped into handing it over to criminals.

Best Practices and Security Tips

Train Employees in IT Security especially to those who are responsible for accounts payable, HR, and wire transfers. Training for all employees should be reinforced periodically. Employees should be instructed to refrain from clicking links or attachments in e-mails, and not to pay an invoice until it’s confirmed that the sender actually sent it. Even if the e-mail appears to be from a trusted source, employees should learn to always copy and paste links into a browser to ensure the address is valid.

Funds Transfers. Put a policy in place to have an in-person or telephone conversation to confirm e-mail requests for funds or personal information.

E-mail Authentication. Phishing can be substantially reduced by verifying that the e-mail originated from the domain it is associated with. If your domain is hosted, it’s worth taking some time to look at how your e-mail is set up to ensure proper authentication schemes are used.

Change default passwords on your router and other Internet-connected devices. And require employees to update unique passwords every three months.

Use a trusted VPN service when using Wi-Fi.

Back up your data regularly both to the cloud and to a removable device.

Update firmware and software regularly.

Provide firewall security for your Internet connection. Ensure your operating system’s firewall is enabled, especially if have employees working from home.
Limit employees’ authority to install software and their access to only necessary information and data.

Security professionals used to strive for perfect security, but today they accept that goal as unachievable. Instead, they strive for optimal security by combining best practices with a risk management program that considers purchasing data compromise and cyber coverage through a knowledgeable insurance provider.

This article is for general information and risk prevention recommendations only. It should not be considered legal, coverage, financial, tax or medical advice. Qualified counsel should be sought regarding questions specific to your circumstances.