Small and medium-size businesses are a big target for cybercriminals. In fact, new research has found that 75 percent of data breaches happen at small and medium-size businesses.
Last year alone, 40 percent of small businesses were victims of some sort of security breach, and 76 percent of those attacks occurred through a compromised password. Security breaches can cost businesses a lot more than lost business: The researchers found that 60 percent of small businesses hit by a cybersecurity attack will close within six months.
Despite those risks, just 17 percent of small business owners take steps to secure data on personal devices.
And although they may not have all of the proper cybersecurity protections in place, companies do realize the importance of cybersecurity: 77 percent of the small businesses surveyed said they realize online security is good for their brand, while 44 percent said customers are concerned about the security of a business.
The research also found that due to their increased reliance on technology, companies are having a harder time protecting themselves from the risks of data breaches. More than half of the companies surveyed by security company McAfee said social media has increased malware attacks. Additionally, nearly 70 percent of businesses said email remains the top means of communication for sending sensitive data.
Companies looking to prevent future attacks should understand that not all security policies take a one-size-fits-all approach. With that in mind, consider McAfee's cybersecurity tips for small businesses:
- Train your employees: Companies should train all of their employees to use strong passwords and avoid dangerous links and emails.
- Know your data: Employees should know where confidential data is stored and be sure to have it in a secure location.
- Keep track of your devices: Companies should keep track of all the devices that employees use as a means to prevent potential data breaches.
- Protect your network: Companies need to utilize firewalls and virtual private networks to secure sensitive information.
- Secure physical devices: All electronics and physical devices should be secured and locked so that access is limited.
- Keep facilities safe: Offices and stores should be locked to keep them protected.
- Protect your website: Companies can reassure customers by using trustmarks on their website and utilizing strong anti-virus software.
- Have clear cybersecurity policies: Companies should write a clear, well-planned policy that encompasses device use and how to dispose of secure information.
- Dispose of products the right way: When devices are no longer being used, companies need to wipe all information from them and physically shred all paper documents.
- Screen employees: Companies can limit their risk by screening employees prior to hiring them.