Cyber Crime is evolving day by day and the efforts applied to stop are proved insufficient. There are three reasons behind it.
- Hackers are using more sophisticated hacking techniques that are unidentified by many traditional security practices.
- Web users are still ignoring their online privacy and security; they just use their device for fun, chat, gaming, etc.
- Organizations are even not taking cyber security seriously and avoiding implementation of strict security policy in their premises.
Hackers take advantage of such ignorance make users and the organizations, victim by applying different smart techniques like data spoofing, phishing, inject virus. When hackers breach huge organization’s defense, it becomes news, but when any small businesses hit with cyber attack, nobody garners a mention. It does not mean that the impact of cyber attack is minor or negligible. The McAfee 2012 report said that 72% data breaches occurred to SMBs.
What Statistics Says?
In 2013, a UK based PWC and Info Security jointly studied on the correlation between SMBs and cyber crime found some shocking results that are as under:
- An unofficial outsider attacked 63% of SMBs in the last year.
- 23% of small businesses were victim of denial-of-service attacks in the last year.
- 15% of Small Businesses noticed that outsiders had successfully infiltrated their network in the last year.
- 9% of small businesses have idea that attackers have stolen their private data in the last year.
- 57% of small businesses were victim of lacking BYOD policy and faced security breaches caused by internal employees in the last year.
- In 17% of SMBs, employees showed ignorance for data safety in the last year.
The Loopholes:
As it is well said “To Err is human”. There are numbers of SMB, who does not check their business transactions. Many business owners use their personal account for business purposes that can cause a high possibility of business data leakage. Small business generally allocates a small budget for security training; as a result, many employees remain deprived of security awareness. The biggest loophole is many business owners do not take any internet safety precautions at all.
How To Fight Against Cyber Crime?
Educate Employees
A proper employee training arrangement is necessary to cope with the emerging security protection. Make sure that all employees must participate in cyber security training. Guide them with proper training about rising cyber crime, different hacking techniques, potential threats and protection, etiquette for social media interaction. Make a standard policy for internal purpose, which should clearly state about acceptable and prohibited online activities for employees. A properly guided employees will help enterprise to remove the security risk.
Shore Up Weak Points
Identify the weak points in the organization’s system and put a defense against it. Encrypt your data before it is too late. A firewall is another essential part of your network system, especially, if customers’ data and confidential information are linked to the internet, so make it enable. Monitor any outdated software or system and update it to the latest version. Wipe data on unused devices and store them on current hardware. Garbage your old hardware or locked them properly in a separate room.
Be Careful On Social Media
Social media is twofold platform: it helps organizations to connect with new users, which drives more traffic and brand awareness across the world. On the other hand, it causes risk of a privacy breach, if you do not follow social media etiquette. Employees should have given training about social media interaction. Hackers use social media platforms to carry out phishing scams, even hacker also use shortened URL to spread infection which is impossible to recognize. Since last few years, we have noticed millions of data breach in which social media plays a vital role. Harmful links, games, malicious advertisements, are daily served over social media platforms.
Password Policy
Roll out a password policy across your organization and inform your employees to change their social media accounts and other login details frequently (every 2 months). Avoid using same password for multiple accounts. Avoid using Birth date, vehicle number, SSN number, 1234 numeric; all these are easily guessable. Hackers can easily interpret it and break passwords in minutes. Never reveal your password to any other individual. Always includes upper and lower cases, symbols, numerical in a password. It is also preferable to use password manager software; such software helps to prevent sophisticated intervention into your account by hackers.
Access Limit
Do limit the access of persons to confidential or financial information to the company profile; the fewer the persons have data access, the harder it is to break. When an individual request is made for data access, the purpose, description, and the details of the data requester should be registered. IT department has to make sure that any information is unpublished. It is a duty of the information compliance officer to check allocated data, and make sure that it is not used for other unlawful purpose.
Cyber Security Policy
In SMBs, most employees do not care about their social media dealings or device usage that could put an organization at risk of cyber threats. To avoid this situation, it is necessary to implement a strict cyber security policy, which draws attention on various subjects of security, and organization must make sure that every employee including top management is following it. Draft a cyber security policy that includes DOs and DON’Ts about information exchange, data access, BYOD rules, 24/7 critical information infrastructure, cyber security standards. Install antivirus to keep PC clean.
Install Antivirus Software
Though cyber threats have become more disguised and difficult to pinpoint, antivirus is still a considerable option for device safety. Always update an antivirus program to keep your PC system healthy and warns about any potential virus, malware, adware and phishing. For further protection, Small Businesses have to mull over multi layer protection that instantly blocks malware before penetrating into the network.
Conclusion
SMBs have to allocate a special budget for cyber security, as hackers believe them as a soft target. Besides, small businesses have to think beyond the traditional practice of security protection, and adopt changing security standards like multi layered security solution. To cope with ever changing cyber crime, small businesses have a long road ahead.