Connect with us

Hi, what are you looking for?

HEADLINES

10 IT security tips for SMBs

Like just about everything else in business, technology and security decisions really boil down to money. Only you can decide how best to allocate your resources. Spend wisely and you’ll have the best possible chances of succeeding — security doesn’t have to break the bank.

By Jennifer Saber
Senior Vice President and Head of Information Technology
Kaspersky Lab North America

Starting a business has never been for the faint of heart, but the cyber age has brought new dimensions to the already complex ongoing process. Simply put, you cannot do business of any kind without cybersecurity.

tips-for-smbs

But, like just about everything else in business, technology and security decisions really boil down to money. Only you can decide how best to allocate your resources. Spend wisely and you’ll have the best possible chances of succeeding — security doesn’t have to break the bank.

Here are my top 10 basic and not-so-basic tips for setting up small-business security:

  1. Having an IT security policy is crucial.

Sure, commonsense rules apply — “don’t steal” comes to mind — but creating a basic IT policy should be a top priority. You and all of your employees will gain an understanding of rules and expectations regarding everything from passwords to customer privacy, from physically securing technology to data classification.

Advertisement. Scroll to continue reading.

Crafting a policy can be demanding of your resources, but you can find tons of good sources of information online, such as the Infosec Institute and the SANS Institute. You can tailor any basic policy to suit the needs of your business. Just make sure employees read and sign an acknowledgment form once you have your policy in place.

  1. Secure your data.

That means not only keeping criminals out, but also backing up data securely and regularly. If you are not in a financial or technological place to ensure your data is secure, let a large business do it for you.

  1. Gain perspective.

As a small business, you might feel like an unattractive target for cybercriminals — like you’re too small to be interesting. Instead, think of SMBs as a class of targets — interesting targets.

The main reason small businesses are great targets is that they represent a gateway to your customers and partners. Of course, criminals also bank on a certain proportion of SMBs not prioritizing security!

  1. Check your local authority that provides support to small businesses.

In case of USA — Small Business Administration (SBA). SBA.gov has a wealth of information for SMBs, including training on cybersecurity and tons more in its cybersecurity section. Local chambers of commerce are also great resources.

Advertisement. Scroll to continue reading.
  1. Install comprehensive security software everywhere.

You need security on everything — servers, PCs, other connected devices. Set it up to stay up to date and renew it on time. This is not the place to scrimp.

However, Kaspersky Small Office Security is an economical choice that protects laptops, desktops, and servers, as well as Android devices, against malware. It also secures small businesses against phishing and other common Internet threats, and for those businesses that need it, adds a layer of security for banking and payment transactions.

  1. Password protect all computers and other devices.

Your IT security policy should cover strong password use; also set up a password-expiration policy to force users to change their passwords every 90 days.

  1. Destroy information you cannot secure.

If you take credit card information, and you don’t have the means to store the information securely, then don’t store it. Once you’ve processed it, shred it.

  1. Take special care with personal information.

If you have to store personal info for employees, make sure it’s secure, and limit the people who have access to it. Back it up securely. If you keep physical records, lock them up. And physically secure electronic equipment as well — eliminate the chance that someone, whether an employee, a customer, or a random stranger, can take a laptop away to hack at leisure.

Advertisement. Scroll to continue reading.
  1. Leverage larger companies.

If your small business lacks the resources (capital or human) to handle a task expertly and securely, hire or partner with a business that can. For example a vast majority of SMBs use ADP for payroll.

Why? Economies of scale make a huge and popular payroll company a more effective and economical solution.

But payroll is just one aspect of running a business (and it isn’t even an issue for every small business): Think about which services might be better outsourced to another company.

How about physical security? I recommend an alarm system with remote monitoring for that. How about a remote facility for data backup? In all cases, look for services that specialize in working with small businesses.

  1. Enable and reinforce employee awareness.

That includes you, by the way. If you understand the elements of security for your business, and take them seriously, you will be able to impart the information clearly to other employees.

Advertisement. Scroll to continue reading.

Revisit security policy and practices a few times a year. As with other areas of security, you may want to look back to No. 9 and employ the services of a company that specializes in employee training.

You have nothing to lose and everything to gain by setting strict policies — and following them to a T. Your security is only as strong as your people, and the leader has to lead by example.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Companies plan to increase their IT security budgets by up to 9%. The median cybersecurity budgets for large enterprises were US $5.7M with US...

HEADLINES

Globe has been a consistent advocate for a safer and more responsible digital space

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

Advertisement