10 top tips for keeping your business safe online

Discover why Internet security should be high on your small business’ agenda

Protecting any business, large or small, start-up or established, against the latest web threats has become an incredibly complicated task.

The consequences of external attacks, internal security breaches and Internet abuse have placed Internet security high on the small business agenda – so what do you need to know about security and what are the key elements to ensure your new business is and remains safe online?

Trend Micro sheds some light on this tricky subject with 10 top tips.

1. Close your doors to malware

In the same way that you wouldn’t dream of leaving your back door unlocked at night, you wouldn’t invite cyber criminals into your business. But, by not securing your computers, that could be exactly what you’re doing.

Malware is malicious software designed to infiltrate or damage a PC or network without your knowledge or consent. Employ the following to shield your business from malware:

  • Apply the firewall. A good Internet router will have an on-board firewall (so don’t forget to turn it on), this is not enough nowadays with the complexity of malware, but it does provide a first line of defence.
  • Protect the PC. The best security software will go beyond standard protection and will reside on the computer without hindering the performance of the PC, laptop or network. The best protection will encompass identity theft, risky websites and hacker attacks within a single solution.
  • See it to defend it. Select a solution that helps you keep tabs on mobile users, and all your PCs and servers with a single console.
  • Help mobile users. Good security will have location awareness. This capability changes the security settings on laptops automatically to the best level of protection for employees as they move inside or outside the office.
  • Clean up email. Antispam reduces unwanted email, blocks risks and distractions for employees. Stop processing spam by stopping it before it reaches your business.

2. Write your policy – small businesses and start-ups are targets

Size is really irrelevant when it comes to online crime and fraud and smaller businesses are easier targets due to limited or no in-house IT support. Teach employees and re-teach them about your security requirements.

Your policy should include, but not be limited to:

  • Share turn-ons and turn-offs. Which applications can be loaded on a company computers and which are prohibited?
  • Require strong passwords. Refer to tip four on passwords.
  • Enforce consequences. What happens if the policy is not followed? Be prepared to back up your words.
  • Use it. Don’t abuse it. What is the proper usage of a company-issued computer? This includes use of the Internet.
  • Educate about email. Include internal and external communications as well as what should and should not be opened or forwarded.
  • Encrypt or be clear. Decide if an email encryption solution to protect your sensitive information is required and when.
  • Appoint a “Go To.” Who is the person who employees can ask if they have questions about the policy or computer security in general?

3. Tackle social media before it trips you up

Social media is here to stay, so empower your employees with best practices and guidelines. The following are ways to minimise risks in social networks:

  • Look who’s talking. Decide who can speak on behalf of the company and only allow those employees to write about the internal and external events.
  • Define what’s confidential. In your security policy, cover social media sites like Facebook, Twitter, LinkedIn and more in your non-disclosure agreement for confidential business information.
  • Provide guidelines and a forum to develop them. Social media blogging and posting for the company should have guidelines about what information is okay and who can post. Guidelines need to go beyond security:
    • Blogger should identify themselves as employed/paid by your company.
      You’ll get backlash otherwise
    • Define the tone of the blog.
    • Protect customer information and egos. Remind customers not to share personal information in a post and where to go for help with questions involving confidential information.
    • Decide when support information should be released in social media.
    • Get executive/owner sponsorship so guidelines can be adapted quickly with business needs in mind.
    • Use resources like BlogWell (www.blogwell.com) to develop your guidelines and learn about social media.
  • Be social, but be smart.
    • You should only publish information that you are perfectly comfortable with being disseminated widely, depending on what you want to accomplish.
    • Assume the worst to get the best results. Encourage employees to limit the amount of personal information they share online for their safety and your company’s safety.
    • Add only people you trust to your contact list.
    • Avoid clicking unexpected links coming from people you do not know.

4. Protect with passwords

Like it or not, passwords are the key to most small business networks, so they are important to protecting access to your networks. The more keystrokes and characters you add the stronger your password will be.

  • Start out strong. Require strong passwords with a length of at least eight characters with embedded numbers, so you can stop simple attacks that guess passwords.
  • Time to change. Time out old passwords and require password changes frequently.
  • Keep them safe. Educate employees about why writing down passwords, storing passwords on cell phones, or using guessable choices puts company security at risk.
  • Get the combination. For the strongest passwords, don’t use words at all. Use random letters, numbers and special characters. Use secure password managers to encourage complex passwords so that people don’t have to worry about remembering them.

5. Get critical about Internet security

Select security solutions that can help you conquer the latest threats with fewer distractions for your employees:

  • Stop the mad links. Don’t rely on employees to think about security or restrict where and when they can access the network or Internet. Automate updates and make security transparent for employees.
  • Keep the web productive. Along with guidelines for acceptable web use, select solutions that stop unacceptable use. URL filtering can limit access to unproductive sites completely or during business hours.

Comments

You must log in or Sign up to post a comment.