The World Wide Web’s growth in the 1990s introduced new possibilities and spawned new industries. However, connectivity also brought new threats. Spam infiltrated email accounts, and computer viruses wreaked havoc on business networks. Hacking emerged, extending the definition of thievery to include infiltrating computers to steal personal information and tricking people into revealing private data. Business secrets, bank account credentials and even people’s identities were at risk.
Unfortunately, hacking threats are even more severe and complex today. The stakes become higher the more businesses rely on technology. Fortunately, organizations have multiple ways to help defend themselves — and protect crucial data — from hackers.
Despite the prevalence of hacking threats like ransomware, business email compromise scams and data breaches, most businesses rely on the internet for a number of things. This includes: tracking finances, ordering and maintaining inventory, conducting marketing and PR campaigns, connecting with customers, using social media, and performing critical operations. Massive computer breaches affect big corporations with robust security measures. However, hackers also target small businesses that may underestimate cybercrime risks and lack the resources to employ expensive cybersecurity solutions.
Lax cybersecurity standards can derail a company. To give your business the best chance of preventing and mitigating cyberattacks, follow these tips to protect your devices and safeguard sensitive data.
Windows and macOS have built-in firewalls — software designed to create a barrier between your information and the outside world. Firewalls prevent unauthorized access to your business network and alert you to intrusion attempts.
Ensure the firewall is enabled before going online. You can also purchase a hardware firewall from companies like Cisco, Sophos or Fortinet, depending on your broadband router, which also has a built-in firewall that protects your network. If you have a larger business, you can purchase an additional business networking firewall.
Antivirus software is a small business cybersecurity necessity. Computer viruses and malware are everywhere. Antivirus programs like Bitdefender, Panda Free Antivirus, Malwarebytes, and Avast protect your computer against unauthorized code or software that may threaten your operating system. Viruses may have easy-to-spot effects — for example, they might slow your computer or delete critical files — or be less conspicuous.
Antivirus software plays a major role in protecting your system by detecting real-time threats to ensure your data is safe. Some advanced antivirus programs provide automatic updates, further protecting your machine from the new viruses that emerge daily.
After installing an antivirus program, don’t forget to use it. Run or schedule regular virus scans to keep your computer virus-free.
Spyware is software that secretly monitors and collects personal or organizational information. It’s hard to detect and remove and usually delivers unwanted ads or search results intended to direct you to specific (often malicious) websites. Some spyware records every keystroke to gain access to passwords and other financial information.
Antispyware concentrates exclusively on this threat but is often included in major antivirus packages, including Webroot, McAfee, and Norton. Antispyware packages provide real-time protection by scanning all incoming information and blocking threats.
Using strong passwords is a crucial way to prevent network intrusions. The more secure your passwords are, the harder it is for hackers to invade your system.
Secure passwords are usually longer and more complex. Use a password with at least eight characters and a combination of numbers, uppercase and lowercase letters, and computer symbols. Hackers have an arsenal of tools to break short, easy passwords in minutes.
Don’t use recognizable words or combinations representing birthdays or other information hackers can connect to you. Don’t reuse passwords, either. If you have too many passwords to remember, consider using a password manager, such as Dashlane, Sticky Password, LastPass, or Password Boss.
Always install operating system updates. Most updates include security fixes that prevent hackers from accessing and exploiting your data. The same goes for apps.
Today’s web browsers are increasingly sophisticated, especially regarding privacy and security. Review your browser security settings in addition to installing all new updates. For example, you can use your browser to prevent websites from tracking your movements, which increases your online privacy. You can also use a private browsing mode or install a browser specifically focused on security, like DuckDuckGo or Epic Privacy Browser.
Beware of email messages from unknown parties, and never click on links or open attachments that accompany them. Inbox spam filters have become good at catching the most conspicuous spam. But more sophisticated phishing emails that mimic your friends, associates and trusted businesses (like your bank) have become common, so keep your eyes open for anything that looks or sounds suspicious.
Hackers’ favorite accounts to target include Facebook, Instagram, Spotify and Twitch. They’ll use leaked credentials or steal login details via phishing emails.
If your business is not already backing up its hard drive, begin immediately. Backing up your information is critical if hackers successfully get through and trash your system.
Always ensure you can rebuild as quickly as possible after suffering any data breach or loss. Backup utilities built into macOS (Time Machine) and Windows (File History) are good places to start. An external backup hard drive can also provide enough space for these utilities to operate properly. Additionally, backing up to Google’s cloud backup system is seamless and straightforward.
Many businesses, especially those operating a web server, are “all systems go” all the time. However, if you’re not operating a complex internet-based company, switch off your machine overnight or during long stretches when not working. When it’s always on, your computer is a more visible and available hacker target. Shutting down breaks the connection a hacker may have established with your network and disrupts any possible mischief.
Not everyone needs to take this route. However, if you visit sketchy websites, expect to be bombarded with spyware and viruses. While the best way to avoid browser-derived intrusions is to steer clear of unsafe sites, virtualization allows you to run your browser in a virtual environment, like Parallels or VMware Fusion, that sidesteps your operating system to keep it safer.
Routers don’t usually come with the highest security settings enabled. When you set up your network, log in to the router and choose a password using a secure, encrypted setup. This prevents intruders from infiltrating your network and messing with your settings.
Passwords are the first line of defense against computer hackers. However, a second layer boosts protection. Many sites let you enable two-factor authentication, which boosts security because it requires you to type in a numerical code — sent to your phone or email address — in addition to your password when logging in.
Even if cybercriminals gain access to your network and files, computer encryption can prevent them from accessing that information. You can encrypt your Windows or macOS hard drive with BitLocker (Windows) or FileVault (Mac), encrypt USB flash drives with sensitive information, and use a VPN to encrypt web traffic.
Additionally, only shop at encrypted websites; you can spot them immediately by the “https” in the address bar accompanied by a closed-padlock icon.
The rest of our tips will address securing mobile devices from hackers, which requires unique security measures. Consider the following mobile device management tips.
When you’re not using Bluetooth, turn it off. Keeping your Bluetooth on but dormant opens another back door for computer hackers.
Unsecured Wi-Fi is a severe cybersecurity risk when traveling for business or working away from the office. Password-free, widely used Wi-Fi networks have no security features. As such, they’re prime targets for computer hackers.
Install a security app on your phone, just as you should install a firewall, antivirus software, and an antispyware package on your computer. Popular options include Avast and Bitdefender.
Unlock codes like 0000 and 1234 are easy to remember, but they’re also easy to guess. Instead, opt for a randomly generated six-number passcode.
Autocomplete is the feature that guesses what you’re typing and completes the word, phrase or other information for you. While convenient, this tool all but hands your email address, mailing address, phone number, and other important information to hackers. Switch it off.
Your mobile web browser has a browsing history just as your computer does. Clear it often — including cookies and cached files — to give hackers as little information as possible to work with if they do break into your phone.
Mobile cyberattacks are on the rise — and they can be just as devastating to SMBs as computer and network hacks. It’s crucial to include mobile devices in cybersecurity plans for comprehensive security coverage.
Computer hackers break into internet-connected devices like computers, tablets and smartphones to steal, change, or delete information. Hackers usually find their way into devices for nefarious purposes. (However, one exception is so-called white hat hackers, whom companies hire to break into their devices to find security flaws that must be fixed.)
Hackers often install malware to steal, alter, or delete information in your devices; you might not even know it’s there. They may access your precious data before you know about a break-in.
While popular media often depicts computer hackers as loners, the cybercrime ecosystem is highly complex and collaborative. In fact, the hacker economy is so large that the World Economic Forum predicts cybercrime could cost the global economy $10.5 trillion annually by 2025.
Here are some reasons computer hackers break into devices:
As technology continues to change rapidly — particularly with the advent of generative AI systems — hackers and their attack methods will likely shift. While many of the above tips will help SMBs protect themselves, keep in mind that security methods must also adapt.
One of the best ways to stay ahead of possible attacks is to cultivate a company culture of cyber awareness, where effective employee training includes cybersecurity training. The more security-conscious every member of a business is, the harder it becomes for hackers to target them — no matter what tech advances arrive.
Jeremy Bender and Jackie Dove contributed to this article.