Cyber security is the newest front in risk management for small business owners. It is also probably the most overlooked.
Whereas many business owners go out of their way to take precautions for risks like fire, break ins, and employee theft, most overlook the dangers of cyber vulnerability.
Whatever their reasons may be, cyber security has become as -if not more- important than all other security precautions that small business owners take, especially when criminal cyber activity costs around $140 billion and half a million American jobs every year.
If big companies like JetBlue, NASDAQ, and even Apple – all of them with considerable cyber security resources – have been recent victims of cyber attacks, your small business is also at risk.
So, just because you’re a small merchant doesn’t mean you’re not a target; in fact, a cyber attack could do serious damage to your small business operations.
So, here are 5 suggestions to increase your small business’ internet security:
1. POS System Encryption
Cyber security starts at your Point of Sale — it is, after all, where you make your money. First off, you must have a POS solution where the payment data is encrypted in the hardware .
In other words, a customer’s payment information should be encrypted in the swipe hardware, prior to going into whatever tablet and/or computer system you may be using. Viruses and malware live in computers and tablets (more on this in a bit) and they can easily steal payment data if the data goes into the system without previous encryption.
Another kind of cyber security risk in POS systems are the ever-evolving card skimmers, which are no longer limited to ATM machines. So, make sure you have a top PCI-compliant POS system and frequently check if anyone has messed around with your hardware.
2. WiFi Network Segmentation
Segment your WiFi network.
Preferably, separate your network into 3 segments: one for processing payment data, one for your customers to browse on, and one for your own personal computers and/or tablets.
Processing your payments on a network easily accessible by anyone in your locale is pretty much an invitation for a cyber attack and it’s a measure often overlooked by small business owners. Assuming that you have business-sensitive data on your personal computers and tablets, it’s also a smart move to have separate, personal WiFi.
Don’t be obvious here: use unrelated names for your payment and personal WiFi networks so that hackers cannot easily guess that they’re affiliated with your business.
As far as the public is concerned, you have one WiFi at your business.
Most modern routers support network segmentation, but if you have an older router, you could always just get a new one for segmentation.
3. Computer & Tablet Security
Install virus and malware protection on your computers and tablets, especially if they store business data.
This isn’t necessary for iOS tablets because there simply is no such anti-virus software. Android tablets, however, don’t have anti-virus software and downloading one is a must.
This is because Apple scans every app for malware and virus protection before they release them into the Appstore, whereas Android’s system is more open and has no such scrutiny for releasing apps.
Google scans apps for malware after they’ve been released, but by then your tablet could already be infected.
This is specially important if you use Android tablets to accept payments, so don’t hesitate and Google ‘Android anti-virus apps’.
4. Password Security
This may seem obvious, but you’d be surprised at how predictable passwords can be.
Make your passwords secure and not easily guessable, and make them different across all your segmented networks. It’s ok to write down passwords somewhere but always remember two things:
1. employees do give out your passwords and you should change these passwords every once in a while, and
2. change your passwords in case you let go of an employee who knows the passwords to your networks.
We also recommend you use a WPA2 password encryption on your WiFi network, as opposed to older types of security like WEP because they have more security holes.
Passwords are your main line of defense, so these safety precautions are worthwhile.
Perhaps the best (and easiest) way to do this is by using a password manager.
5. Accept Software Updates
Companies often patch security holes in their systems, so make it common practice to accept updates from computer, tablet, and app manufacturers for greater security.
What are other techniques that small business owners can use enhance their business’ cyber security?
Chime in below!