Even for small businesses Internet access is an essential business tool that assists in payment processing, ordering and inventory, and customer interaction. The Internet can also be used to increase customer footfall by setting up free Wi-Fi hotspots, or to create a direct revenue stream, for example in a hotel or B&B as a chargeable room extra.
The evolution of Bring-Your-Own-Device (BYOD) places additional pressure on business networks. One of the benefits of BYOD is that it can increase efficiencies by making employees readily available at different times and locations. If mobile payments become more widespread, it won’t be long before customers are also using their devices to connect to your networks and complete transactions.
As a result of the benefits the Internet delivers it is easy to forget that many cybercriminals are part of organised gangs operating on an international scale to steal data from every type and size of business. Small businesses are certainly not immune to attack and multiple studies have shown that attacks directed at small businesses are only increasing.
The recent Department for Business, Innovation and Skills’ 2013 hacking survey found a massive 87 per cent of UK small businesses across all sectors experienced a security breach in the last year, with the average attack causing between £35,000 and ?65,000 worth of damageAmounts most businesses would struggle to absorb and could very likely sink a small company.
Making sure your business is properly secured against Internet threats can seem daunting, especially when facing the plethora of technical speak surrounding it, but there are some simple steps anyone can take to improve internet security in their business:
1. Password control
?Password1?, Admin” and £1234″ are not acceptable passwords. You may snigger at the naivety of people using these, but it’s surprisingly common and mostly down to failing to change default settings. Each user should have a unique password that they never share (with others or across accounts), is different to the default setting, and is regularly updated.
2. Robust firewalls
Firewalls are the first line of defence against Internet threats, by protecting networks and stopping intrusion attempts. It may take a little research to find the best firewall for your business but it’s the single best investment you can make to protect network integrity. If you have an IT services provider, they should be able to provide a good recommendation.
3. Effective training
All employees that access the internet need security training. But it doesn’t have to be complicated. Education on simple procedures surrounding password and access management is often enough to improve security. But don’t just do it once; regularly reinforce the message with consistent reminders and supplementary sessions. Security is a mind set, not a check box.
4. PCI DSS
If you accept card payments then you?ll likely have heard of the Payment Card Industry Data Security Standards (PCI DSS), a set of mandatory requirements from the card schemes. While the PCI DSS are designed to ensure the security of card data and payment networks, they?re also a great baseline for general Internet security. If you already have PCI processes and procedures in place then you?ll probably be well on the way to good overall security.
Outsourcing security to qualified third parties is often the most effective management method. Having the correct expertise and systems in place can make all the difference in the long run, especially financially. Even for a small company it’s often cheaper to outsource network security than suffer the consequences of a data breach. According to one study, about 60 per cent of small businesses close within six months of a security breach.
6. Ongoing maintenance
Security isn’t a one off exercise. Fraudsters change their methods regularly and businesses have to keep up. Ongoing maintenance keeps systems up-to-date, providing continuous protection. Make sure you’re applying the latest software patches to your systems as they come out.
Security doesn’t have to be expensive or time consuming. Often it’s just about changing a few internal processes and approaching the Internet with more awareness. With business environments increasingly thriving on connectivity, making sure those connections are working for you and not opening your business to threats is vitally important if the benefits of the Internet are to be effectively maximised.
Bill Farmer is the CEO of Mako Networks.