If there's one thing that there's no shortage of, it's small businesses. In the US alone, there are over thirty million of them. And by and large, they're doing a miserable job of protecting themselves against a rising wave of cyber-attacks and digital risk.
The statistics on the subject are as telling as they are disturbing. At last count, about 43% of all cyber-attacks were aimed at small businesses. When they succeed, the results are catastrophic. In the case of ransomware, statistics show that almost a quarter of affected small businesses end up shutting down in the aftermath.
As frightening as all of that is, though, the reality is that small businesses could easily be doing a better job securing their digital systems with minimal extra effort. The problem seems to be that they just don't know where to direct that effort for maximum effect. To help, here are three simple small business cybersecurity upgrades that would make a world of difference if adopted en masse.
(Photo: Gorodenkoff / Adobe Stock)
One of the biggest problems the average small business faces when it comes to cybersecurity is their reliance on consumer-grade technologies in their business networks. Of major concern are the scores of businesses that use consumer-grade Wi-Fi routers as their primary networking device.
That's a major issue because as many as 83% of those devices contain security vulnerabilities that could allow an attacker access to connected systems. The fact of the matter is that such devices are designed to be inexpensive, not secure, and should never be relied on to protect business systems. An upgrade in that area should be step one for every single small business.
Ideally, they should have a standalone hardware firewall device between their computers and the public internet. At a minimum, there should be a high-end wired router with built-in security features in its place. The wealth of information available online makes finding the best wired router for the job a snap, and the same goes for adding a standalone wireless access point behind it to handle mobile device access.
(Photo: adam121 / Adobe Stock)
In today's complex digital threat landscape, no amount of network-edge security will ever suffice. For that reason, it's important for small businesses to take steps to protect each and every device that is connected to their networks. It's something that all too many fail to do.
All it takes to remedy the situation is to invest in a business-class endpoint protection solution. With one in place, small businesses can harden their devices against a variety of digital threats. They also gain much better visibility into the security status of their networks, as most endpoint protection platforms also provide a central management console that alerts the manager of potential security problems, weaknesses, or items that need to be addressed to stay safe.
(Photo: Gorodenkoff / Adobe Stock)
Last but perhaps most importantly, no small business should go without a complete and active data backup solution. It's a last line of defense that guarantees a business can recover from any type of attack without either caving in to extortion demands or sacrificing critical business data. Best of all, it's something that's easy and inexpensive to do, compared to what it would save in the event of a problem.
To begin, small businesses should purchase and set up a network-attached backup device that can protect the most critical data they have. That should make it possible to recover any needed data as fast as the network can transfer it to an unaffected machine. They shouldn't stop there, though.
Since ransomware can often affect local backup devices (since they're network-attached), a secondary offsite backup solution should be a part of the mix, too. There are a variety of comprehensive and low-cost business cloud backup solutions that can do the job, and they should remain isolated from things like ransomware attacks if configured the right way.
(Photo: jirsak / Adobe Stock)
As you can see, with minimal investments of time and money, small businesses can dramatically decrease their odds of being victimized by a cyber-attack. Of course, it's also a good idea to complement these measures with a training program that teaches all employees what threats to watch out for online. That way, both the infrastructure and the workforce will be able to work together to make sure that next year's small business cybersecurity statistics don't look as bad as they have to date. If all stakeholders work together, small businesses don't have to be under such an extreme threat ever again.