It may seem logical to think that data thieves would generally target larger companies, and the smaller ones such as a small business would be overlooked. Why, after all, would someone bother hacking a small business for a few thousand pieces of information when they could hack a big one and get tens of millions? Sadly, there is a powerful incentive for such criminals to target smaller businesses: They tend to be woefully defended against cyber security threats, and even if the profit is not as great, the relative ease of it still makes small businesses a very attractive target.
The problem for small and medium businesses is they don’t have the resources of the multinationals. Many will just hire a consultant when they finally feel it is necessary. These beleaguered IT personnel rarely have access to the resources needed to ensure proper security, and in between all the other IT duties they undertake, are required to implement ad hoc solutions that do not always stand up to assault. It’s also common to hear about how poor the general working public’s understanding of computer security is, and this is a challenge any IT staff or consultant must face.
All combined it’s easy to see how a small business can look like an appealing target to a cyber criminal, and an IT consultant or employee faces a stern challenge in protecting a small business. With the right approach it is possible to drastically reduce a company’s vulnerability and, although perfect security is impossible, you can still make it difficult enough to attack that most people simply move on to an easier target.
Network Security For Small Businesses – One of the key features of a business’ security system is the network security. The difficulty lies in the fact that the same connections that makes the network possible is what makes it vulnerable.
Small business network security without compromising the efficiency of that network is the challenge, but with some care, it can be done even when your client’s means are modest. There are some elements of this which are true across the whole field of IT security, but some are specific to network security issues:
You must ensure secure password practices for all staff. The difficulty lies, of course, in actually convincing them to follow instructions on how to create secure passwords – you may need to talk to the business owner and explain why it is vital, and secure their help in enforcing these standards.
You can greatly enhance this with ‘two-factor authentication’.
A firewall is essential as well, of course, as it helps to ensure all information and users are kept where they are supposed to be. Remember that security within a network as important as that between the network and the rest of the Internet – users should have access that is limited to their needs and responsibilities.
Ideally, a small business network security setup will not allow users to perform general Internet browsing tasks on business computers. It is better to have those done through a different device or a different network entirely, to help guard against the possibility of downloading malicious files. This may not be feasible for all businesses, but push for it where possible.
Explain to the staff how to spot phishing and similar scams. They are a big threat that can be easily overlooked, but there’s nothing a hacker would love more than getting the information handed over so easily.
This list doesn’t contain anything particularly onerous or expensive, so the head of the business should like measures like these. The biggest challenge is often ensuring employees follow best security practices, for instance in having secure passwords and changing those passwords on a regular basis, and in not using network computers for personal matters. Emphasize the importance of these measures at all stages to everyone involved, especially the bosses or managers.
Businesses rarely want to spend time thinking about security; they want to leave it to someone else and get on with their own matters. It is therefore important that you keep in mind your clients will generally be disinterested in the specifics and that they want security measures that are unobtrusive both to employees and to customers.
Small business network security is important and often overlooked, but with the right measures it can be done to a satisfying degree. No security system can ever be perfect, but a robust system will deter most hackers from even trying, as they will move on to search for easier targets rather than spending their time and energy on your security setup.