Top 10 cybersecurity tips from the SBA

Lending

By Monica Braun, former staff member

Security is important to all of us, personally and as business owners. With critical information provided by customers, it is essential that proper steps are taken to ensure your records and their information are adequately secure. Here are some tips on Cybersecurity from the Small Business Administration.

1. Protect against viruses, spyware, and other malicious code
Make sure each of your business’s computers are equipped with antivirus software and antispyware and update regularly. Configure all software to install updates automatically.

2. Secure your networks
Safeguard your Internet connection by using a firewall and encrypting information. If you have a Wi-Fi network, make sure it is secure and hidden. Password protect access to the router.

3. Establish security practices and policies to protect sensitive information
Establish policies on how employees should handle and protect personally identifiable information and other sensitive data. Outline the consequences of violating these policies.

4. Educate employees about cyberthreats and hold them accountable
Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites.

5. Require employees to use strong passwords and to change them often
Consider adding multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer this.

6. Employ best practices on payment cards
Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used. Isolate payment systems from other, less secure programs. Do not use the same computer to process payments and surf the Internet.

7. Make backup copies of important business data and information
Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the cop¬ies either offsite or on the cloud.

8. Control physical access to computers and network components
Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords.

9. Create a mobile device action plan
Mobile devices can create significant security and management challenges. Require users to password protect their devices, encrypt their data, and install security apps to prevent stolen information while on public networks. Set up reporting procedures for lost or stolen equipment.

10. Protect all pages on your public-facing websites
This applies to the complete site, not just the checkout and sign-up pages.

Source: Condensed from www.sba.gov/managing-business/cybersecurity/top-ten-cybersecurity-tips