5 Cyber Security Tips for Small Business Owners in New York & New Jersey
Here at Total Security, we subscribe to the idea that security is a never-ending process. As technology advances there will be new methods of digital crime, our job isn’t to eliminate risk but rather to minimize it as much as possible. To make an analogy for any NFL fans reading this, what makes the New England Patriots great? In my observations, I have noticed that the Patriots rarely beat themselves. They never shoot themselves in the foot or make stupid mistakes which leave opportunities for their opposition to take advantage. I urge you to take the same mindset into securing your business. Let’s control all the variables we can and tilt the odds for success in our favor. Success, in this case, is defined by keeping critical data safe, and the following tips will certainly aid your business in this quest.
1. Secure Your Network
The first step in making your business as secure as possible is to install a firewall at the main office and/or brick and mortar location. The firewall will put up a defense between anyone who is close enough to connect to your Wi-Fi and the important info stored on your business’ private network. Now, for some background on a private network. A private network is a group of computers connected through T1 or T3 wiring, the computers communicate with each other through a wired or wireless connection. A firewall helps secure this flow of information in the same way a water filter parces harmful particles and lets the water flow through to the basin.
A firewall is no different on a conceptual level, the firewall is customized to filter out packets of info containing certain keywords deemed undesirable. The firewall filters out the ‘bad’ and allows the rest of the info to pass through into the private network. After constructing a firewall there is still one more measure to be taken. At least one computer in the network should have access to public connections. Because of this, the firewall should be tailored to allow one computer to receive these public messages, whilst prohibiting any other computer to receive these messages. This allows you to keep the integrity of the firewall intact and have a computer that can communicate safely with external networks.
2. Use A VPN
A VPN (Virtual Private Network) is a necessary security measure in this day and age. It works by using a public network like the internet to connect remote users together. For a VPN to be ultra-effective, the business must already have a private network. The VPN takes connections routed through the business’s private network and delivers it to the remote user. Essentially it is taking the private network experience from the headquarter of the network and allowing it to be safely accessed by an employee operating off-site. This gives the luxury of experiencing a private network when you are in fact nowhere near the headquarters of the network.
A VPN encrypts data in such a way that hackers who do gain access to your private network cannot read the data transmitted through that very network. This is an essential measure from a risk aversion standpoint, in the off chance a hacker gains access, the VPN ensures that they cannot do anything with this access.
3. Use a Password Management Tool
Popular services such as DashLane work by storing all of your passwords off-site, also they have a password generator that creates complex passwords that are nearly impossible to guess. This is a great method to reduce the risk exposure of your business, the reasoning is as follows. If your business has no private network, firewall or VPN then there is a relatively high probability that your business will have someone snooping around company documents, emails etc. Password management tools are not something that should be implemented as the sole security measure, rather it should be implemented in conjunction with the two measures discussed before.
In the presence of a private network and firewall, a password management tool can be compared to a deadbolt lock on top of a traditional lock system. It is there for added security, but should not be depended on as the lone measure to keep intruders out. The benefit comes in the scenario where your business gets hacked and some external user gains access to your documents and info. This cyber intruder will be powerless to gain access to precious accounts because the passwords are stored on the service providers’ servers. This is essentially making a bet that your servers are easier to gain access to than a service like DashLane. We here at Total Security believe firmly that one should aim to diversify risk as much as possible and having an off-site password management service storing all critical passwords is a must for any business.
4. Have In-House Servers
The first thing to know about an in-house server is the cost of implementing this measure. Your business will have to go through the numbers and weigh the options. As a rule of thumb, if the cost of losing your data due to a breach outweighs the cost of implementing a server, then it is logical to eat the upfront costs and get an in-house server. The costs include the hardware (ranging from $320 to $1000+) and the space in your office. The server must have its own rack, in close proximity to outlets, and in a room with adequate ventilation to avoid overheating. The server will also have to be accompanied by an IT professional who can perform the required maintenance.
These costs are deemed necessary due to the inherent risk of the alternative, cloud-based data storage systems. The cloud is not very secure, the data is easily accessible to third parties with the required expertise, and cloud breaches over the years have been well documented in the media. The in-house server does not require an internet connection to access documents, also the server ensures that all your business’ critical data is not accessible to third parties. Also, for small to midsize companies, the cost of a server is actually comparable to the cost of cloud services. The in-house server option also gives the business direct control of their data backup.
5. Protect Your Data
The last tip that we at Total Security have for you is simple, be mindful of your communications over the internet. At the end of the day, security is about minimizing risk as there is no way to completely eliminate it. Every tip preceding this one has been about using technology to minimize risk. The last tip is on the shoulders of the leaders of the business and the employees.
Everyone must do their part to reduce human error. It has to be a point of emphasis in the company. No sending sensitive emails on unsecured servers, no accidentally posting sensitive info on social media accounts such as LinkedIn, Facebook etc. On top of technology, if the human factor is accounted for then your business will be very well protected from a digital security standpoint. Minimize careless mistakes, control all the variables you can and you will have a more secure business as a result.
This concludes our 5 Digital Security Tips for Business. We hope you learned a thing or two throughout the duration of your read. To learn about our services, give us a call at 516-775-2304.