4 ways you can boost cybersecurity for your business

Small businesses are not immune to cyberattacks — in fact, they might be even more susceptible than larger companies. According to Entrepreneur magazine, half of these attacks target small businesses, and a Babson College report in 2016 indicated that about 25 percent have already been victimized. Still, more than 40 percent of business owners surveyed for that report said they aren’t adequately prepared.

Many probably think they don’t have the resources to spend on security. Others might not have knowledge of best practices for data management. And some likely hold onto the mistaken belief that hackers or other thieves wouldn’t target a company as small as theirs.

But with news of data breaches and other attacks seemingly hitting every week (just recently, a massive flaw in email encryption was disclosed), the time to start preparing is now. And although some steps do involve financial cost, others require only relatively simple changes to procedures and policies. Below are four actions experts recommend to make your business — and your data — more secure.

1. Require your employees to use strong passwords and/or multifactor authentication. Have you ever seen the “most popular passwords” lists that come out every so often? They’re filled with entries such as “1234” and “password.” Seriously. Unauthorized users often gain access to networks and databases just by guessing passwords.  By installing password software or change requirements, your employees will have credentials that are difficult or impossible for someone else to figure out. Multifactor authentication can be even better. For example, you could require users to enter both a password and a code from a security token in order to gain access to your system.

2. Encrypt and back up your data. Encryption helps ensure that sensitive data, such as customer information, isn’t easily accessible even if it’s stolen. Backing up data regularly can also protect you in the event of “ransomware” attacks, which aim to prevent victims from accessing their own data unless they pay their attacker. If you have your data backed up elsewhere, you’ll still have access.

3. Always keep your software updated. Check regularly for updates to antivirus tools, operating systems, and other programs — and then install them! There are a number of reasons to use cloud-based software, but here’s another one: The provider will handle updates for you automatically.

4. Provide clear training and policies for employees. In addition to the strong-password policy above, give your staff the knowledge to help protect your business. Teach them about best practices and how to recognize things like phishing emails — another common tactic attackers use to gain access to your network or steal sensitive information.

At Avalara, we use state-of-the-art technology to keep our data — as well as that of our partners and customers — secure, private, and safe. Our Information Risk Management Team works to keep our services up 24/7 while protecting user information and preventing data breaches. Click here to learn more.

Your business might not need that same level of protection, but it’s worth evaluating your processes and procedures to see where you can improve, because even small steps can prevent big problems.