5 Ways Small Businesses Must Protect their Data

Cyber security is a new concern for all businesses. Big hacks, like the Target, Home Depot, and Sony attacks, have only emphasized how much small businesses need to protect themselves. Large businesses have a lot of resources to do this, but small businesses often do not have the budget or knowledge to perform due diligence against cyber security attacks. Here are 5 ways a small business can protect itself from data threats. Protecting Small Business Data: Backup The new threat on the block is ransomware. Symantec estimates that 60% of small businesses face significant financial hardships after being attacked by ransomware. Some of these businesses even discontinue service or go out of business as a result of the attacks. Ransomware encrypts important files, like documents, pictures, and CAD files, on a PC. The local PC isn’t the only victim either. Ransomware will also attempt to reach out to other PCs on the network, especially mapped network drives. Once the ransomware finishes encrypting files and drives, the software demands money to un-encrypt the data that the business can no longer access. The ransom can be expensive. Small business can’t afford that kind of monetary hit. However, if a system gets attacked by ransomware and the business has a quality backup, the business can simply wipe the PC and start over. Re-imaging a PC and restoring data only takes a day or two and saves the business thousands of dollars. Backing up and protecting small business data is easy. There are a lot of good, online services that automate this process for an affordable yearly fee. Likewise, it’s easy enough to setup on your own. The important thing is to keep 3 different backups for the 3 different time periods for each PC. Each backup set needs to be kept on-site, off-site but local, and not local. This ensures that data is saved in case a business goes up in flames or the offsite backup is hit by a natural or man-made disaster. Data storage is cheap today so there’s a backup is an easy choice.. Protecting Small Business Data: Switch to the Cloud The cloud is still a scary thing for businesses. I understand why. Using a cloud infrastructure means that businesses have to hand over control of their IT systems and depend on another business to stay in business. Think of it this way, though, cloud businesses build their business on reliability, speed, and security. Microsoft’s Azure and Amazon’s S3 services are incredibly powerful. They both have over a 99% uptime guarantee in their Service Level Agreements. Both replicate data in servers throughout the country. Both backup data. Microsoft has the advantage of adding their entire Office Suite in the cloud, too. Best of all, cloud services can lower ownership expenses. Protecting Small Business Data: Purchase, Update Quality AV Antivirus protection is still needed in today’s environment. By now we shouldn’t have to warn anyone to install a quality antivirus program and keep it up-to-date. So many businesses still don’t follow this basic rule, though. This is something that any small business can implement in a few hours and automate. Protecting Small Business Data: Restrict Admin Accounts Most small businesses buy a few PCs and attach them to a small local area network. They don’t use domain services or group policies. That’s okay. It’s not always appropriate for a small business to utilize these kinds of services. It is important to make sure that employees aren’t using admin accounts on their PCs, though. Admin accounts are setup by default. Changing a user’s profile from being an admin to a standard user eliminates 90% of virus and attack-ware threats. Employees can always elevate privileges on the PC when they need to install software. Protecting Small Business Data: Education Nothing is more important than education. Employee education can significantly reduce the threat of cyber attacks. Even simple reminders to avoid opening links or attachments in email will significantly reduce the chances of an attack. Hold monthly education meetings or assign a “security guru” to send out weekly or monthly newsletters for employees to read and act on. These are basic steps but speaking to the last point, awareness and education is a significant part of the battle against data breach and data corruption. Please let us know if you have other questions. The needs of our customers frequently grow in one area or the other, such as the recent spike in ransomware. We might bring your concerns to the blog to help others, as well.