There have been some high-profile cyber attacks in the news lately. The pipeline problem from a few weeks ago kicked off gas shortages across the Eastern US and ended with a $4.4 million payout to the hackers.
A couple more hit the news this week with the biggest being one of the largest meat suppliers in the US. In addition, ferry services to Martha’s Vineyard and NYC’s subway system have also reported attacks this week.
As a small business, you’re probably safe from a direct attack like you’re seeing in the news in most cases. With so many billion-dollar targets out there, there isn’t a line of hackers out there trying to single out your business and inject some ransomware on your computers. There are, however, some things you should be thinking about as part of your technology management systems to help ensure your business maintains smooth operation.
In all likelihood, your business is using something from at least one company that is a juicy target for these types of direct attacks and you could be adversely impacted should one of these companies fall victim to an attack.
Back Up Your Data
Your tech management systems should include a backup of your critical business data. This can help you get back up and running in case of an attack that locks all your data down as well as helping to protect you from data loss due to other factors, like a broken hard drive.
There are a plethora of cloud services available like Dropbox, Box, Google Drive, OneDrive, etc. that allow you to store files in the cloud. These are great to use as either primary or secondary storage areas for your business data, but they should not be your only location for your business’s info.
If you had all your files in Dropbox and Dropbox was attacked, you could potentially suffer delayed data access up to complete data loss. For this reason, you should have something more than just “files in the cloud.”
For my and my business, I keep everything on Dropbox as the primary file storage. In addition to that, I back up my Dropbox data to an external drive I keep at my house. I do this manually about once a quarter or whenever I’ve finished a major project that has lots of digital assets associated with it. After I complete a new backup on the hard drive, it gets stored in a fireproof safe away from my computer.
Keep Software Updated
If you’ve read this far, you’ve at least got some need/interest in tech for your business which means you have a computer, mobile device, and potentially a lot more. All of these devices run software that needs occasional updating. Oftentimes, these updates are closing security vulnerabilities that were just exposed prior to the update being released. Updating the software on these devices fixes these vulnerabilities. If you didn’t update and left a vulnerability open, this is something that could be used to access your device and data.
Updating software also includes the applications you use in your business. Some software is updated automatically, either because there are automatic settings configured or because its cloud-based and updates are controlled by the vendor. This would include things like WordPress, used to manage websites, and all of the plugins associated with WordPress. You’ll have to account for each of these applications used in your business and make sure they are being regularly updated.
Use a Password Manager
Are you one of the guilty ones? You have one or maybe two passwords you use for everything? Easy to remember and no-hassle logging in anywhere, right?! Also, relatively easy to find yourself in trouble later on if someone gets ahold of your password.
Keeping different passwords for everything is near impossible to efficiently do without some kind of password management tool. Today’s tools make it easy to keep unique and difficult to guess passwords for anything and everything that needs a password these days.
Personally, I use Keepass. When coupled with Dropbox, I can get into my passwords from any device and can easily enter them into websites, software, or mobile apps.
Ultimately with any technology, there is a risk. Nothing is 100% safe, so you want to use tools where they help but be smart about what information/data you put whereas this will be the best defense against ransomware and/or lost data.
This isn’t meant to be a complete list of everything you can or should be doing but points you in a direction that will give you high value for the time spent on these three activities. You’ll better protect your small business data without blowing a fortune on security experts or excess process and tech.