IT Security Basics For Your Small Business

By Rieva Lesonsky

IT security is crucial to your small business.Google finds about 9,500 new malicious websites every day. The sites are either websites that have been compromised by malware authors, or sites that are built specifically for malware distribution or phishing. And 40 percent of social media accounts are set up by spammers. If you haven’t set up IT security guidelines for yourself and your employees, you could big problems could be headed your way. According to a survey last year from Symantec, 77 percent of small business owners think their companies are safe from cyber threats, yet an overwhelming 83 percent of those companies have no formal cybersecurity plan.

The report also showed:

  • Most small business owners believe security is critical to their success and brand: 73 percent of say a safe and trusted Internet is critical to their success, while 77 percent think a strong cyber security and online safety plan is good for their company’s brand.
  • Nearly six out of 10 small business owners do not have a contingency plan outlining procedures for responding and reporting data breach losses.
  • 66 percent of small business owners are not concerned about cyber threats—either external or internal.

To prepare a comprehensive plan for protecting your small business, check out the FCC’s Cybersecurity for Small Business guide online. In addition, AVG has the following tips for keeping your company safe:

  • Acceptable Use. Decide whether or not employees may use company technology for personal use. Most companies allow it, however, you should at least have a policy explaining that employees can’t install software that is not approved by you or your HR or IT team. Also, be sure to set rules on the storage of files and company information on removable media, such as USB/ flash drives, external hard disks and writeable CDs/DVDs.
  • Password Policy. A good password should be at least eight characters in length and should be a mixture of letters, numbers and one other character, such as an apostrophe, exclamation mark or dollar sign—and should be changed quarterly. Your password policy should not allow employees to share personal passwords with anyone inside or outside of the company.
  • Reporting of Breaches. If a staff member accidentally downloads a virus, make sure it’s mandatory they speak up immediately. Sometimes an employee feels guilty about reporting a breach, but it’s imperative the problem is addressed immediately.

Once you put in place a strong cyber security policy for your employees, consider reaching out to your customers to get their feedback on your product or service with a survey. Download, “Customer Surveys: How to Raise Your Sales & Marketing IQ in 6 Easy Steps” for guidance.