While online security breaches typically appear in the news after big businesses fall victim – affecting millions of users – small businesses are far from immune.
In fact, 47% of small businesses experienced at least one cyber attack in the past 12 months, according to the 2018 Hiscox Small Business Cybersecurity Report.
Parrot Digital Marketing is committed to the best practices, including online security. For this reason, we put together a Small Business’s Guide to Online Security.
Why Hackers Target Small Businesses
The conversation around cybersecurity is often confusing and complex – and when you’re a small business owner, you don’t exactly have the time to do a deep-dive on the topic.
For most small businesses, hiring a cyber security professional isn’t in the budget. This is probably why the Hiscox report shows only 52% of businesses have a cyber security strategy in place at all.
Even more alarming: Towergate Insurance revealed 82% of all small business owners don’t believe hackers will target them. They think they don’t have anything worth stealing.
It’s exactly this attitude that makes small businesses so attractive to hackers – they have more assets than individuals, but far less cybersecurity than a bigger business with even more assets.
Cyber Attacks 101
Almost all cyber attacks share a common goal: stealing and exploiting sensitive data. This might mean hackers are targeting customer credit card information, or seeking out credentials to commit identity fraud.
However, that’s not to say all cyber attacks are the same. Here’s a list of the most common types:
- Phishing attacks
- Malware attacks
- Trojan Horses
- SQL Injection
- Cross-Site Scripting (XSS)
- Password attack
- Eavesdropping attack
- Birthday attack
- Brute-force and Dictionary Network attacks
- Insider Threats
- Man-in-the-Middle (MitM) attacks
- AI-powered attacks
- Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks
You can read about these in more detail at 17 Types of Cyber Attacks To Secure Your Company From in 2019.
Improve Your Small Business’s Online Security in an Hour
Parrot Digital Marketing is concerned with your online security. This is why we gathered the best ways to protect your small business in as little as an hour.
1. Perform a Cyber Security Audit
How well protected are you? You might be secure in some areas, but lacking in others. Knowing where you stand is the first step in securing your small business from online attacks.
Start by examining your current online security systems to figure out where your business stands.
2. Install a Proper Firewall and Security Software
A proper firewall will be your first line of defense against most hacking attempts. Without one, you have no way of automatically detecting and shutting out a cyber attack on your payment terminal and/or other vulnerable parts of your site.
Other security software should also be installed to test your small business website for any breach vulnerabilities.
3. Educate Your Employees on Online Security
The next step is having well-informed employees who know how to recognize and prevent cyber attacks. Even something as simple as knowing how to recognize a phishing email can be the difference between airtight online security and a major breach.
You can start by having your team read this guide!
4. Improve Password Strength and Protocol
The longer, more seemingly random a password, the more secure it is. Brute-force attacks automatically and nearly constantly attack password protocols by attempting to use every word in the dictionary, or birthday combinations (etc.) to gain access.
Make sure your internal passwords are as strong as possible and implement a password protocol to ensure customers do the same with their login details (if applicable).
5. Use Multifactor Authentication on All Business Accounts
Multifactor authentication protocols are a “quick win” for small businesses to improve online security. Rather than simply relying on a username and strong password, multifactor authentication requires an additional step – such as entering a One-Time Pin (OTP) sent via text or email, usually expiring in a set amount of time.
6. Ensure Your Website is SSL Encrypted
Although we placed it last, SSL Encryption is one of the most important security measures all websites should have. In fact, it’s so important that Google flags sites without SSL certificates to warn users.
RESOURCE: Install an SSL Certificate on a Domain (cPanel) and How to Install SSL Certificate for a Domain in Plesk
Ready to take your online security to the next level? Let Parrot Digital Marketing bullet proof your site!