Column: Cybersecurity tips for small businesses


Commentary by Eric Anderson

Almost 2 billion data records around the world were lost or stolen through cyber attacks in 2017, and the trend seems to be increasing.

Following the hacks of large organizations like Yahoo!, Target, Uber and Equifax, even the assets and information of small- and medium-sized businesses are not safe. A company’s size does not make it immune to computer vulnerabilities. Thanks to the shrinking cost of data management, storage and services, cyber security is more manageable for businesses of any size.

Here are four simple measures companies can take to protect themselves, their customers and their employees.

Use a password manager

More than 30 percent of Americans use the same password for all of their accounts. Password managers such as LastPass, 1Password and Dashlane generate random passwords of up to 64 characters for users. Small business owners should assign access and responsibility to only necessary people and departments. Passwords, documents and files are securely managed and encrypted across multiple devices.

Watch the Wi-Fi

Coffeeshop Wi-Fi is convenient and easy to use, but it is often not secure. Experienced hackers can jump on a network and grab customer information and bank records without the user knowing. Similarly, viruses can be planted that are taken back to the small business network. Entire systems can be compromised.

Train employees

The WannaCry Ransomeware and ILoveYou viruses have spread across millions of computers in a short period of time because people clicked on links in emails from “friends.” People make mistakes, but they make fewer mistakes with proper training. As part of new employee orientation, demonstrate best practices and policies to protect company assets.

Two factor authentication

Having a strong password is a good start. Make sure to also use two-factor authentication, or TFA, when possible. Social media and banking sites should require a password first. After users have passed this first level of security, the site or service will send a code to a pre-determined device such as a cellphone. Only after this code has been typed in will the user be granted access to the account.

These steps are just the starting point. Business owners don’t need a computer science degree or coding certification to protect themselves and their data. However, they are responsible for taking the necessary steps to secure company assets and information from prying eyes.

Eric Anderson is the Chief Geek and training director for Scientifically Speaking, where he makes technology easy to use, personally and professionally. He is a native of Carmel, where he lives with his wife and three daughters.

Current Morning Briefing Logo

Stay CURRENT with our daily newsletter (M-F) and breaking news alerts delivered to your inbox for free!

Select list(s) to subscribe to

By submitting this form, you are consenting to receive marketing emails from: Current Publishing, 30 S. Range Line Road, Carmel, IN, 46032, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact