Cybersecurity is no joke. Whether you have a website, online accounts or any type of Web-based infrastructure, you are at risk for a cyberattack.
Although the public typically only hears about cyberattacks against high-profile companies, banks and government websites, small businesses make prime targets for cybercriminals, competitors and disgruntled parties. Yet, due to their lack of resources, small businesses have the least-protected websites, accounts and network systems — making cyberattacks a relatively easy job.
To help you protect your business, here are 13 small-business-friendly cybersecurity solutions to get you started.
When it comes to low-cost security solutions, you usually get what you pay for. Comodo is a global, award-winning security provider that offers free and affordable security tools that don't compromise on features and reliability. Solutions include: Comodo One, the company's free IT management platform that features Remote Monitoring and Management (RMM), Patch Management and Service Desk all in one place; Comodo Securebox to shield apps from malware-infected devices; and Comodo Advanced Endpoint to automatically prevent malware from entering networks. Small businesses can also enjoy free antivirus, free and paid SSL certificates, free Internet security, mobile device management, firewall protection, security for POS systems and many other services. [See Related Story: Cybersecurity: A Small Business Guide]
Looking for a single solution to cover all your bases? ESET lets you choose from a wide range of security bundles to protect your computers, mobile devices, USB drives, networks and servers. For instance, the ESET Small Business Security Pack guards Windows and Mac computers, as well as iPhone and Android phones, file servers and email accounts. The company also offers custom solutions that allows you to build the perfect security tool for your business. You can choose by product type, company size and industry. Choices include endpoint security, mobile security, remote management, two-factor authentication, encryption, file security, email security, virtualization security and more.
3. Cradlepoint NetCloud Engine (Pertino)
Virtualization and cloud computing offer many gifts, including the ability to access your desktop, files and other data anytime, anywhere using any device. Security concerns, however, can complicate the convenience. Cradlepoint NetCloud Engine, formerly Pertino, offers one easy, affordable and super-secure way to virtualize your network and your business. You'll enjoy a VPN decked with layers of security protection, such as multifactor authentication — a combination of users' ID, token (i.e., their device) and PKI-certificate — fully cloaked private addresses, micro-segmentation, end-to-end encryption, access policies, industry-leading cloud security, data center protection and more.
4. Lookout Mobile Security
It's not just computers that are at risk for security breaches. Lookout Mobile Security is all about protecting your business from cyberattacks on phones and tablets. It works by predicting, anticipating and shielding businesses against all types of mobile threats, such as malware, data leakages and the risks associated with sideloaded apps and jailbroken devices. Lookout also gives you complete visibility over devices and offers advanced tools to manage risks, vet software and app vendors, investigate incidences and ensure compliance with security regulations and company policies.
According to one of the tenets of cybersecurity, you should create strong passwords for all your accounts and services. These days, even passwords based on your pet's name or your spouse's name and birthday come with risks. Random passwords are the way to go. Randomg.org features a random password generator that automatically creates strong, alphanumeric, case-sensitive passwords up to 24 characters long. Combine results or add your own touch for a super-secure password. You no longer have an excuse to use "password," "fluffy123" or other ridiculously easy-to-guess passwords.
As a small business, it always helps to know someone has your back. StaySafeOnline.org, powered by National Cyber Security Alliance (NCSA), is full of tools and resources to help small business owners protect their businesses, employees and customers from cyberattacks, data loss and other online threats. Small business owners can learn how to assess their risks, monitor threats, implement a cybersecurity plan and train employees. They'll also learn what to do after an attack, and how to report one to the proper authorities to recoup any losses and bring attackers to justice.
7. FCC Small Biz Cyber Planner 2.0
Cybersecurity can be overwhelming for small business owners. Want to cover all your bases, but don't know where to start? The Federal Communication Commission's (FCC) Small Biz Cyber Planner can guide you in the right direction. Just fill in your information, indicate your areas of concern, and the planner will automatically generate a custom cybersecurity plan with expert advice for your business. Areas covered include privacy and data security, scams and fraud, network security, website security, email, mobile devices, employees, and more.
8. Symantec for Small Businesses
Many cybersecurity solutions cater to enterprises and large companies, often resulting in sticker shock for small businesses. By contrast, Symantec offers comprehensive security packages built for the small business budget. From protecting your equipment to ensuring the privacy of your data, Symantec's small business protection suites include antivirus/antispyware, firewall and privacy protection; data-loss prevention, automated backups and fast disaster recovery; email scanning and filtering to prevent data leaks; virtualization support; and more.
Protecting your website doesn't have to cost a lot. The free CloudFlare tool essentially "sits in front" of a website and fights against malicious attacks, such as SQL injections and denial of service (DoS) attacks that can shut down your website. CloudFlare automatically detects attacks, blocks them and creates reports to keep you up to date. CloudFlare also evaluates visitors, assessing things like their reputations, IP addresses and other factors to determine legitimacy. Users can also block a range of IP addresses, choose security levels, set up firewalls and enable SSL security certificates for data encryption.
Large-scale distributed denial of service (DDoS) attacks have increased exponentially in the past few years. In essence, DDoS attacks overwhelm website resources, causing an outage that can last from minutes to days, and result in substantial financial losses. DDoS attacks are particularly disastrous for businesses that sell online. Protect your website with NSFOCUS, a DDoS mitigation provider that delivers an all-in-one cybersecurity solution for small businesses. Services include attack detection, defense and monitoring management to combat even the most sophisticated and high-volume attacks.
It's not just consumers who face the risk of identity theft. Businesses can fall victim, too. To protect your company, check out business identity protection services like CSID. This full-service solution offers everything from threat intelligence to fraud detection, as well as user and transaction monitoring, credit services, and data breach mitigation. And for businesses dealing with super-sensitive data, CSID also offers advanced authentication methods using global ID verification systems and voice biometrics.
12. HTTPS Everywhere
Make Web browsing more secure with HTTPS Everywhere, a browser extension for Firefox, Chrome, Opera and Android Web browsers that encrypts communication while you surf major websites. Many websites use Hypertext Transfer Protocol Secure (HTTPS) communication to protect data when users log into accounts, make online purchases and complete other transactions. You can tell when a website uses this protocol because "https://" appears in front of the URL. Nevertheless, they are typically limited to select webpages and are often combined with non-HTTPS protected pages, compromising your security. HTTPS Everywhere fills in the gaps and ensures the security of your Web browsing at all times.
Cybersecurity starts from the inside. A business can implement all sorts of cybersecurity measures, but if its employees don't get training to avoid cybertraps, cyberattacks are just a few clicks away. Social-engineer.com helps organizations identify risk areas and how malicious attackers can exploit vulnerabilities to gain unauthorized access to infrastructures. Employees receive training using social engineering risks-assessments and tests that simulate real-life events and mimic attacks. Social-Engineer provides online and onsite training, and can customize programs based on individual needs and requirements.