By George Otte
Though large-scale corporate hacks are more likely to make headlines, smaller hacks are actually far more common.
According to The Guardian, small and midsize U.K. businesses reported a significant increase in hacks between 2013 and 2015. The story is much the same in the United States and elsewhere in the world: Smaller enterprises are increasingly vulnerable to digital threats.
You don’t need the resources of a Fortune 500 firm to protect yourself against cyber intrusion and data theft. These five practices can substantially reduce your risk.
1. Encrypt Mission-Critical Data
Unencrypted data is vulnerable to theft or copying by digital thieves. Newer systems may have built-in encryption tools, like Windows 10’s BitLocker. BitLocker allows you to store encrypted data on a computer’s hard drive or on external drives (which are more portable). You can also encrypt your data in the cloud using a secure backup service like Carbonite.
2. Use a Sophisticated Anti-Malware Solution
Your company needs a sophisticated anti-malware solution with a regular update cycle. Nothing less will protect your networks and devices against the ever-growing multitude of digital threats. There are lots of choices out there, so get started by reading up on how to choose an anti-virus app.
3. Avoid Running Multiple Security Programs at the Same Time
Since no single anti-malware program is perfect, it might seem logical to run multiple security applications at once. Unfortunately, discrete security programs aren’t necessarily designed to work with one another. Running multiple programs in concert can therefore cause conflicts that make your system less safe. Carefully choose a single reputable, well-regarded security solution and stick to it.
4. Use a Virtual Private Network in Less Secure Settings
If you travel for work or meet clients in the field, you’re likely to encounter open Wi-Fi networks. On open networks, anyone with network access can view and potentially capture information you send and receive—including sensitive data like passwords, client records and financial statements. A virtual private network, or VPN, creates an encrypted “tunnel” between your computer and an outside server network that makes it very difficult for attackers to read and steal your data.
5. Create Strong, Unique Passwords
A strong password is an essential first line of defense against unwanted system intrusion and data theft. Password strength is determined in part by the likelihood that it will be “guessed” by human intruders or (more likely) the algorithms they use to penetrate personal and business networks. Strong passwords are generally longer; use combinations of letters, numbers and special characters such as ‘@’ and ‘!’; and aren’t reused in multiple locations. Bottom line: Devote time to generating long, strong, unique passwords for each of your important accounts and system points of entry—and change them regularly.
Cyber-criminals are always looking for new ways to exploit vulnerabilities, and small business owners with limited resources are particularly ripe for attack. While these five practices provide critical protection against data theft in cyberspace, they must be paired with constant vigilance—and the steady hand of an experienced computer services provider—to be truly effective.