Many small businesses have a false sense of security when it comes to cybersecurity. Unfortunately, this leaves the business vulnerable to attack and the business is not prepared to handle the situation when it happens. It can cost an organization more than $200,000 on average to fix and recover from a cyber-attack. For some small businesses, this could mean financial ruin, and lead to shutting the doors forever.
Are you one of those businesses that believe you’re safe? Let’s talk about your reasoning, and see where we end up, shall we?
Too Small: Many small businesses believe that their size gives them anonymity and that they are far less likely to be targets. However, the opposite is actually true. Small businesses are MORE likely to be targets of cyber-attacks because they are EASY targets. Hackers are depending on that false sense of security and your lack of financial resources for high-end security measures!
Useless Data?: Maybe your argument is that you don’t believe that the data you store has any value to a cybercriminal. That simply isn’t true! Small businesses actually collect and store much of the same data as larger companies, just in smaller quantities. Employee records like social security numbers, and client information like addresses and payment information, are at risk and make you a lucrative target for hackers.
Antivirus: Oh, you’ve installed antivirus, so you believe you’re safe, right? While you absolutely should have antivirus and antimalware software installed, these will only protect you from certain kinds of cyber attacks. With the evolution of technology, hackers have evolved as well. Social engineering, like phishing emails, for example, are a more sophisticated type of attack designed to get around your protective software.
IT Team: So, you have your own IT team, and believe that they are capable of handling cybersecurity prevention. However, your IT team needs to understand how you access and use data and how it flows in and out of your business to protect it properly. It’s not just the IT department’s responsibility. Data security involves multiple departments of your business and they need to work together for proper security.
Protected: Ok, so you’re a small business and you’ve done your due diligence, and your company’s data is secure. What about that third-party vendor you’re working with? Business is about people, you don’t work alone! Often, a cyberattack comes from working with a third-party whose lack of security offered cybercriminals a way to infiltrate your business. It’s important to vet the security practices of the businesses you work with no matter how secure your own practices are.
Inevitable: You understand that a cyberattack is likely to happen, on some scale, so why bother? Well, that’s a rather negative view, and while it is good to understand the risks and reality of situations, positive outlooks are generally preferable for business success! Additionally, having layers of protection can reduce the impact of an attack, should it succeed in penetrating. This means a reduction in cost of recovering, and perhaps most importantly, attempts to stabilize or regain trust in your customers. Part of business success is being able to protect your employees and customers, so they continue their roles.
So, what should you do, now that you know you’re at risk? First, you should make sure you’re protected from a technical standpoint. Yes, you should have antivirus and antimalware software. You should also consider hiring an outside cybersecurity firm. They offer assessments, monitoring, and resolutions. Tighten business practices when it comes to data access, and procedures for data destruction. Probably the one area most overlooked is the human element. One of the biggest threats to data security is lack of training and awareness among employees. Regular training and enforcing of policies is imperative to data security.
At Lifeline, we’ve done our own due diligence! We’ve recently partnered with Axiom Infosec, a leader in Information Security, and can now offer our customers another layer of protection. Cybersecurity is important for every business, no matter the size!
Published November 2, 2018
Lifeline Computer Solutions is Local!
Locally owned businesses build strong communities by bringing neighbors together both economically and socially, and by offering support and contributions to local causes.
- Local Economy
Locally owned businesses recycle more of their revenue back into the local economy, up to three times the amount that chain stores do.
- Job and Wages
It’s not surprising that local businesses create more jobs! Sometimes, depending on the area, they even provide better wages and benefits than chains.
Would you rather compete with other small businesses or a chain? A marketplace full of small businesses is the best way to ensure innovation and low prices over the long-term.
- Unique Character and Tourism
Communities that preserve their one-of-a-kind businesses and distinctive character have an economic advantage. Tourism is driven by the desire to find the unique. A little boutique will get tourist attraction far more often than a chain.
- Environmental Sustainability
This knowledge is becoming more widespread with the movement to buy local food. Small, local stores allow for walkable town centers-which reduce automobile use, habitat loss, and air and water pollution.
These are just some of the benefits to using local businesses. Lifeline, like you, is part of the local community. We care about you, like we care about our friends because we’re all in this together. We want to help your business, and the rest of the community thrive in a world where chains and big-boxed stores threaten to overshadow what makes us unique. We are Lifeline.
Published October 11, 2018
Lifeline Computer Solutions and Axiom Infosec Join Forces
Axiom Infosec is an established leader in the IT security industry. Axiom works to identify current and potential digital threats and find solutions to enhance security protocols and eliminate the possibilities of continuing cybersecurity problems. By partnering with Lifeline, they will offer cybersecurity strategy, risk management, network penetration testing and more to Lifeline’s technology services.
This is an exciting new chapter for Lifeline and for our customers! Two leaders in the information technology world coming together to maximize your experience and help your business be successful and secure. We are ready to help you reach the next level in your business. We are Lifeline.
Published October 1, 2018
Employee Behaviors that Increase Risk of Data Breaches
- Bad habits: Leaving computers unattended and unlocked. This is usually a “I’ll be right back” situation but leaves the information vulnerable. Other bad behaviors might be writing important notes on paper that might be left or forgotten, or even thrown in the trash without shredding (such as passwords, client information, etc.)
- Remote workers: It’s easier than ever to have employees work out of the office, but if cautionary measures are not taken, it could lead to breaches. Using the unsecured wireless network at a coffee shop is a significant risk, and even a flash drive can be easily misplaced or stolen.
- Using Social Media or unsafe sites on work computers: Many employees log into social media accounts or other websites from their work computer. Whether on a break or otherwise, this opens up the network to the possibility of hacking through these sites.
- Not communicating threats: Whether from fear of losing their job, or the lack of realization of there being a threat, such as the example above, unreported risks are a problem. If the IT department is alerted to a potential threat, they have a better chance of shutting it down than trying to stop it in the process of a hack.
What can you do to avoid data breaches when the biggest threat is your employees? Most businesses have training programs for cybersecurity that employees are subjected to when they start. However, many businesses stop there, or only refresh the training once a year. Cybersecurity should be part of the culture, rather than just a part of the training.
Published September 19, 2018
Small Businesses and Data Security
Here are some tips to keep you safe:
- Train employees: The biggest threat to cybersecurity is employee negligence. Train employees about the importance of security, how to use programs properly, to never leave their stations unlocked, etc.
- Firewall: Installing a firewall is imperative to securing information, even on a private network! Don’t think that your secure Wi-Fi network is the only defense you need.
- Updates and cleaners: Run cleaners on computers regularly and keep all software and drivers updated. Generally new versions of software have closed previous version’s security holes.
- Backups: Some system breaches cause crashes that result in complete loss of the data that was hacked. Keep all important information backed up on a secure method not tied to your network.
- Control physical access: Physical access to computers and network technology should be restricted. Employees should keep their stations password protected and log out when not present.
- Limit employee access: Some information or technology does not need to be accessed by employees. The more limited the information is, the more secure it will be. Restrict access when necessary.
- Secure Wi-Fi: Your business is likely going to use Wi-Fi, and it is important to use a secure network. File sharing, emailing, and other online business should never be done over shared networks.
- Passwords and authentication: Use passwords and authentications, such as security questions, for computers, file sharing platforms, and so on. Make sure passwords are required to be strong, and that employees change them often.
Published August 26, 2018
Secure File Sharing
Deciding which direction is best for your business is dependent on your specific needs and nature of your file sharing. Here are some things to consider when making the choice for your business:
- Choose business-grade sharing platform: One of the biggest mistakes is picking a file sharing system that is for consumer use. Business-grade systems offer more protection for your data sharing.
- Consider an integrated system: Depending on your needs, a standalone system may not be appropriate for you. While it will cost more initially, it may be worth having the security of an integrated system for emailing and file sharing.
- Usability: The system you choose should be secure, but it should also be easy to use! You should be able to monitor the security of your system, and all employees should be able to understand and use it easily.
- Training: The biggest factor in data breaches is employee negligence. Properly educating and training all employees about the necessity of the security of your company’s data and the proper use of the file sharing system you choose is imperative.
File sharing is part of everyday business. Make sure you’re picking the right system for your cybersecurity and business needs.
Ransomware in Point of Sale (POS) Systems
With the increase in credit card breaches, a strange phenomenon is happening. There’s too much stolen data out there and not enough demand for it, which is driving down the price of stolen credit card data. As a result, hackers may turn to a new venture: ransomware in POS systems.
While POS-based ransomware has been rare so far, it could turn into a major threat if retailers don’t protect themselves now.
If a cyber criminal deploys ransomware to shut down a POS system, it could potentially bring business operations and revenue to a halt. Such an attack would force retailers to pay to regain access of their POS system. This would likely prompt a store to pay the ransom quickly so they could get their operations running again. For the hacker, this results in a quick profit.
Businesses with a POS system should enact protections now against potential threats. Protection might include a firewall, or a type of threat detection which detects incoming or existing malware.
As technology changes, new and different threats arise, and your business needs to prepare. The Lifeline team stays appraised of these changes and will work with you to ensure your business is ready for the future.
Published July 6, 2018