Many business owners never consider the priority of securing their businesses from cyber criminals and other internet threats, possibly because of lack of funds, resources or know-how. Thus new businesses are at the top of cyber criminal’s target list.
According to Symantec’s 2014 Internet Security Threat Report, the number of attacks against smaller businesses (with fewer than 250 people) nearly doubled from 18 percent in 2011 to 31 percent in 2013. Incidentally, many firms still felt comfortable with their current security measures, even if none were in place.
What do you do against security threats then? Joe Ross, president and co-founder of CSID, a provider of global identity protection and fraud detection technologies for businesses, offers three ways to improve your security measures.
Protect your identity
At the beginning, your business is very much an extension of yourself, making your identity attractive to cyber criminals. When you apply for a business license, much of the information submitted -- your name, business name, location, phone number and license -- will be publicly available.
Cyber criminals can target new business owners (since those starting a business likely have some money and a good line of credit) and try to obtain credit in the company’s name. Criminals might also compromise new business websites, as security measures are often not yet in place.
Be on high alert on personal social-media sites for social engineering schemes. Do not connect with people you don’t personally know.
Secure new business websites with long, complicated log-ins, keep virus software up-to-date and ensure that sensitive information is encrypted.
When you register your business, ask what, if any, information can be omitted in public records.
Keep an eye on your personal credit score and information for any fraudulent activity by using a credit and identity monitoring service.
Monitor your business credit
Most small and medium-sized company owners know that they have a business credit score, but a majority of them do not know what the number is. One tactic used by cyber criminals to exploit the finances of these companies is to pose as the owner and run up credit using the business’ name. This can ruin the line of credit for the business. New-company owners do not tend to keep a close watch on their business credit, which gives cyber criminals a chance to abuse it before getting caught.
Know your business credit score and look for any suspicious changes in your credit every month for your business' first year. After that, check every six months.
Try a monitoring service to keep track of your business’s overall health and mitigate the risk of a breach.
Use secure devices and networks
Many startups don't have an office, and entrepreneurs rely on coffee shops, libraries and other public places as remote worksites. When working in a public setting, make sure your device and network are secure to keep cyber criminals from collecting sensitive information via tactics like man-in-the-middle attacks (when someone intercepts Internet traffic).
Make sure any cloud services you access are secure. Services like Box,Copy and Hightail are great, inexpensive solutions for startups. Before using any service, do your research. Any cloud vendor you use should have a trustworthy security reputation.
Use a virtual private network (VPN) when working in a public setting. A VPN allows you to access a secure network when you are in an otherwise insecure place. Using a VPN can help protect sensitive communication from cyber criminals trying to hack into devices connected to insecure, free public Wi-Fi. There are many free and inexpensive VPN apps you can use to protect your devices.
Make sure your mobile device does not automatically join the nearest available Wi-Fi connection. This can put your mobile device that stores personal and work information at risk for a man-In-the-middle attack.
As your business grows, security risks will shift, prompting the need for a different set of security measures.