11 Ways to Protect Your Business From Cyber Criminals

Professionals are on the loose, hoping to prowl through your computer networks, but they're not working for your company. Here's how to keep their hands off your firm's data.

learn more about Robert Siciliano

By Robert Siciliano

Opinions expressed by Entrepreneur contributors are their own.

The "bad guys" need not refer to the gangs roaming around with chains and baseball bats. These days many are geeky little waifs associated with organized cyber crime. These thugs are using their brains to find small businesses to brawl with. They want sensitive data from these companies and yours may be next.

Related: Best Practices for Employees to Protect the Company From Hackers

Protect your business from organized cyber crime rings that may include the following players:

Programmers: These skilled tech pros write and code the viruses that infect a business's computer network.

Carders: Specialists distribute and sell stolen credit and debit card data. Sometimes they transfer the data onto blank cards, then put foil on them to create duplicates.

Hackers: These intruders break into a company's PC networks via their vulnerabilities.

Social engineers: Such con artists concoct ingenious schemes to trick people into giving up personal information or visit websites that download viruses. These players represent the creative end of the crime ring.

Rogue systems providers: They run run scrupulous businesses that provide servers for cyber thieves.

Money mules: These individuals purchase things at retailers using stolen credit cards. Some launder money while others ship products.

Bosses: The head honchos of a crime ring hire the worker bees but rake in all the money.

Cyber criminals want valuable data: Social Security and credit card numbers, bank account information, email addresses, home addresses, birth dates and more. With this loot, they can take over existing accounts or open new ones to make fraudulent charges. After gathering email addresses, they can conduct phishing operations.

Hackers seek out weaknesses such as employees who are prone to fall for social-engineering scams and outdated operating systems or browsers.

Related: Beware of a New Kind of Business Identity Theft

Keeping cyber gangs at bay.

The following are tips for small businesses to take to stave off cyber crime.

1. Keep your operating systems updated and regularly patched.

2. Have a firewall plus software that opposes virus, spyware and phishing attacks.

3. Keep your browsers updated at all times with the latest version of the software.

4. Keep all system software updated.

5. Encrypt your wireless network.

6. Restrict software and set up administrative rights so that nothing can be installed on company computers without authorization.

7. Use filtering that controls access to data.

8. Block access to restricted sites with Internet filters to prevent employees and hackers from uploading data to storage clouds.

9. Remove or disable USB ports so that malicious data can't be downloaded.

10. Implement strict password policies.

11. Encrypt entire drives, folders and files.

Adopting software and hiring professionals.

Other security issues can result from scammers working on the inside or employees not being educated about the risks of bringing their own devices to work. Business owners should consult with security professionals.

By installing data-loss prevention and risk-assessment software, it's possible to monitor the entire network's activities to detect events that could lead to a data breach and detect trespassers before it occurs.

White hat hackers will search for weaknesses and try to break through them, using tactics similar to what black hat hackers use. These white hat hackers may use social engineering tricks or screen the physical security of the building for weaknesses, even during business hours. Staged attacks have been proved to succeed elsewhere, so if they work against the company during these experiments, the company will have a rude awakening.

If businesses do nothing, assuming a "nothing can happen to us" mentality, then it's only a matter time before a security hack.

Related: 4 Ways a CEO May Be Inviting a Cyber Criminal to Attack

Robert Siciliano

Personal Security, Privacy and Identity Theft Expert

Robert Siciliano, CEO of IDTheftSecurity.com, is committed to informing, educating and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

Related Topics

Editor's Pick

The Dark Side of Pay Transparency — And What to Do If You Find Out You're Being Underpaid
Thinking of a Career Change? Here Are 4 Steps You Can Take to Get There.
A Founder Who Bootstrapped Her Jewelry Business With Just $1,000 Now Sees 7-Figure Revenue Because She Knew Something About Her Customers Nobody Else Did
Everything You Need to Know About Franchise Law
Business News

A Mississippi News Anchor Is Under Fire for Quoting Snoop Dogg

WLBT's Barbara Bassett used the rapper's "fo shizzle" phrase during a live broadcast, causing the station to let her go.

Business Ideas

55 Small Business Ideas To Start Right Now

To start one of these home-based businesses, you don't need a lot of funding -- just energy, passion and the drive to succeed.


Streaming TV Is the Future of Advertising — Without Breaking the Bank

Today's consumers expect personal, impactful ads. There's an advertising method that can get you there for half the price, making it the next frontier in digital advertising.

Growing a Business

Scaling Made Easy: How to Scale Your Business like a Fortune 500 Company

Once you have the night-vision skills of Fortune 500 restaurants, scaling becomes effortless. Here are 3 ways to scale, hidden in plain sight.