small business home office cyber security steps

Cybersecurity Steps for Small Business

by | Apr 11, 2019 | Cybersecurity | 0 comments

Cyber criminals are increasingly attacking small companies. The ease of hacking small businesses due to failure to prepare or the belief they were too small to matter, now makes these companies and home networks prime targets for malicious actors. Currently, identity records from small businesses (SMBs) are now the top target for hackers.


Small and home businesses have some alarming cybersecurity statistics:


With small businesses reporting that they lose roughly $80K on average annually to cybercrime, here are some steps home offices and SMBs can follow to be more cyber secure.



The Basics


Get training and keep up on new trends and threats. Employees are not only the first line of defense but also a company’s greatest risk. Important: learn how to recognize phishing risks and take appropriate action.


Secure your network. Set up firewalls. Keep software patched and operating systems up to date.


Follow email best practices, use good password hygiene, and choose an email provider that will encrypt and keep your email safe. Also, enable two-factor authentication whenever possible. Make sure your web hosting service is secure.


Consider using a VPN. It adds a layer of encryption to activities — but make sure to use a product that doesn’t store or misuse your data. Never use public wi-fi (at least without a VPN).


Keep a back up of data — consider keeping another backup in cloud storage in case of catastrophe.


Stay aware of changes in legislation and the regulatory landscape. Failure to do so could result in fines that only compound the expense of a breach. “Furthermore, state and federal unfair trade practices laws are now being used by state attorney generals and the Federal Trade Commission to regulate data security practices.”



Make Plans


There are a few plans or strategies small businesses should have in place to stay secure. Technically, they can go by many names but have a security plan that includes a risk mitigation strategy, a data security breach plan, and a data loss prevention and backup strategy —and test them before they are needed.


The plans don’t have to be complicated but should be reviewed and updated regularly.


Creating a very basic plan is a simple but worthwhile exercise.

  1. Set an objective for the plan
  2. List your assets and the potential risks facing them
  3. List the ways to mitigate those risks as well as who is responsible for executing that action.



With small businesses being an increasingly desirable cyber target, taking the time to create these plans and follow the basics won’t take very long but will payback in the long run by helping keep your business up and running, protect your reputation, and keep your company and customer data safe.