Hacked! What Small Business Owners Can Do to Avoid a Cyberattack

You’re coming up on the heaviest selling season of the year, and your e-commerce store suddenly goes down. The server is completely inaccessible and you’re running around with no idea what’s going on. Your Web host gets back to you and tells you a DDoS (distributed denial of service) attack brought your server to its knees.

cyber attack

Cyberattacks are not something that only happen to large corporations. In fact, Forbes reports 71 percent of cyberattacks actually target smaller businesses with less than 100 employees. You might not have a full IT security staff at your disposal, but you do have ways to minimize attack attempts on your business.

Screen Software Carefully

Select your software as carefully as you select your employees. Look over reviews and double-check user reviews as well. Sometimes, the product description or review does not fully disclose all of the applications that may be installed alongside the main program. While adware isn’t necessarily going to hurt your computer, it is a distraction you don’t need on a work machine, and it may affect performance. On the other hand, malware and crimeware are a major issue. They are designed to execute unwanted programs on your system and either can hurt your computer and pull your personal information.

Choosing a Computer Security Suite

The type of security you need depends on the exact structure of your business. If you’re working by yourself out of your house, a basic security software such as AVG antivirus works great. If you deal with remote employees, multiple types of workstations, or BYOD (bring your own device) employees, then the security requirements are more complicated. Fox Business recommends going into high-end security solutions for your network if you handle sensitive customer data, such as Social Security numbers or credit card information.

Secure Your Network

Look over your business network. Choose routers and switches that employ hardware firewalls on top of software solutions. If you have IT staff, go through the group policies for your workstations and lock down anything that doesn’t need to be accessed by employees. Don’t allow anyone who is not an administrator to install software on the computers. Pull all of your business mail through business email accounts instead of personal accounts. You control the mail server spam and virus scanning software in this way, so you don’t have to worry about an unsecured mailbox with Trojans galore gaining access to your systems.

Take a look at your server security, as well. If you are leasing servers from a Web hosting company, find out exactly how they secure their data centers and what protection they have in place, in case of a DDoS or another major attack. Keep your server OS and scripts up to date to avoid any security holes. In many cases, the Web host handles the OS updates, enabling you to keep on top of your script updates. Lock down folder permissions instead of allowing everything read/write access. You want to avoid as many vectors for cyberattack as possible.

Photo credit: Chad Cooper