Small business defense against cybercrime
Eduard Goodman, Chief Privacy Officer for Identity Theft 911 has seen an increase in small businesses being targeted for cybercrime within the last five to seven years. Highly desirable data include customer information lists and personally identifiable information such as social security numbers, dates of birth and account numbers.
A recent survey by Symantec and the National Cyber Security Alliance shows 85 percent of small business owners believe their company is safe from hackers, viruses, malware or a cyber-security breach. Sixty-nine percent rely on Internet security for their business’s success.
Yet, the same survey shows 77 percent don’t have a formal Internet security policy for employees and 49 percent don’t even have an informal policy.
So how can small businesses protect themselves?
Ensuring your business has the latest anti-virus, spyware and firewall programs is one method of protection, according to Goodman. Training on how to recognize phishing emails is essential as fraudsters will send emails from someone like the CEO of a company so employees think they have to open the email.
“Question what you’re clicking on, question where it’s coming from,” says Goodman. Have an awareness to take that extra 10 seconds to ask ‘Hey did you send me something? Is it legit?’”
Goodman also recommends have a written security policy. Businesses need to ensure they have insurance coverage.
“They (small businesses) don’t want to find out after an incident that they don’t have coverage, “ says Goodman. “ I believe in having a back-up plan and the insurance side of it is important. We’re not talking a bunch of money. We’re talking free to $50 to a couple of hundred dollars on an annual policy that protects them, that will provide for remediation in case something happens or even getting money back in case there’s fraud. “
Using computer patches to fix holes and problems are also essential according to Goodman. “The system hasn’t been updated so it’s running in an environment that was safe two years, but there are holes in the network they’re not paying attention because they’re not regularly sealing them up.”
The Federal Communications Commission also has a cyberplanner to help small businesses come up with a cybersecurity plan.
Goodman recommends that businesses contact their banks, insurance companies and local police as soon as they think their security has been breached.
The consequence of a security breach depends on the type of business.
“Some businesses are bricks and mortar,” says Goodman. “They get hacked into, but there’s not a lot of data there. Others are online sellers, when they get hacked everything gets exposed.”