No business, small or large, can afford to ignore cyber security. According to a recent Verizon Data Breach Investigations Report, 60 percent of cyber-attacks target SMBs, largely because they are easier targets.
But you don’t have to be passive. Here are five tools and services which small and medium business can use to protect themselves.
1. Get secure office hardware.
"In the scramble to secure the cloud, hardware is often overlooked," says Christoph Schell, president, Americas, HP Inc. "The truth is, if you have 500 employees, it is easier to have one secure cloud structure than it is to secure 500 laptops. Reduce your risk through security-centered device management and proactive practices and policies to engage each employee in the security process."
In addition to creating a secure network, small businesses must select secure hardware and adopt secure protocols to really protect themselves. HP Inc., has developed security software Touchpoint Manager to help companies streamline their protection policy, minimize security vulnerabilities and monitor protected systems.
2. Keep spies out of your email.
Marketers, lawyers and sales people are widely using email tracking solutions to improve sales and better engage with prospects and current clients. Those solutions are popular in CRM systems as well. But cybercriminals are also using these tools to track the date and time emails are opened, where they are opened, where they are forwarded and so forth.
MailControl allows companies to block spymail from hitting their inbox. It is an especially effective tool in preventing targeted phishing attacks from reaching your business.
3. Stop ransomware.
The most prevalent cyber security risk to small businesses today is ransomware. The FBI estimates that over 4,000 U.S. businesses are infected by ransomware every day. Ransomware takes control of the files on small business networks by encrypting them and holding them for ransom. The existing tools, like anti-virus, are not effective against the rapidly changing variants.
WatchPoint has an easy to use tool, called CryptoStopper, which small businesses can download and install to protect their network. CryptoStopper deploys bait files throughout a network. When these bait files are encrypted, the infected user is isolated, and the ransomware is stopped before doing damage. This is a new and unique approach to stopping ransomware.
4. Train your employees.
One of the most common, and preventable, attacks on small businesses is a social-engineering attack triggered by phishing attempts, improper web use or incoming phone calls. The most current training systems on the market are designed for large enterprises, but some companies set up our solution to help any size business, from those with just a few employees to those with thousands.
Security Awareness Training -- Security Mentor: Employees aren’t always ready to combat a cyberattack or know when they are being baited into one. Security Mentor has created 10-minute lessons with its Security Awareness Training program. Small businesses will be able to train employees to be aware and alert, while making the right choices in a potential cyber crisis through these brief, online lessons.
5. Get SLL for your website.
Traditionally, companies have used SSL/TLS certificates (displayed as “https”) only on shopping carts or login pages. This can help, as it encrypts the data being sent between the customer’s computer and the SMB’s web server. Also, if companies use an Extended Validation (EV) certificate, the web browser will display a green padlock and website-address bar, as well as the company’s name next to the website address.
Today, though, companies are encouraged to follow what’s known as Always on SSL. This means that the entire website is protected by https, instead of just a couple of pages. This helps protect against modern attacks that seek to steal information when a site visitor browses between secure and not-secure pages.
Finally, Dan Hubbard, product CTO of Cloud Security, Cisco Systems, shared some advice. “There are a few things small businesses can do," he said. First, make sure you have security solutions in place that are proven to detect and stop the majority of malware -- and make sure they are deployed at critical points within the company.
"Second, in terms of ransomware: Back up your data. If you have a copy of your information that the attackers can’t get to, you are not at their mercy.”
In sum, you don’t need to do everything, but do something. Attacks happen and small businesses need to pay close attention to cybersecurity because they are increasingly becoming a point of focus for attackers.