Following the JPMorgan Chase, Target and Home Depot incidents, we are well aware the ramifications of being hacked or falling victim to a security breach are extremely costly.
Not only do these incidents put individuals, households and small businesses at risk, but these companies are also left with a hefty tab to try and fix things.
If customer data is breached, the company is responsible for paying to notify each affected party. In addition, they may even be required to pay for credit reporting to monitor customer accounts in order to catch fraudulent transactions.
Next, the affected business will need to hire an IT expert to find the source of the attack and purge the system of any harmful software, malware or viruses. During this investigation, systems and websites may be shut down for a while, which could result in lost revenue, not to mention te possibility of customer lawsuits against the company, holding them liable for damages caused by the breaches.
In Sony’s case, its 2011 data breach cost them $15 million after a class action lawsuit settlement.
Small businesses are in a difficult position. Owners feel they don’t have the time or resources to invest in proper security software or personnel. Budgets are tight, and smaller businesses certainly don’t have an IT department equivalent to that of much larger companies.
Having said that, without proper network security they’re left incredibly vulnerable. According to a survey by the National Small Business Association, about 44 percent of small businesses have been attacked, with company losses averaging nearly $9,000.
But even if these small companies aren’t hit directly, they can be affected when larger companies have their data compromised. In JPMorgan’s case, the attack on its servers compromised information of about 7 million small businesses. Similarly, many of Home Depot’s customers who had their information stolen where small contracting companies.
It may be the case that owners would rather spend their time and money focusing on elements that are core to their business; however, this may be an instance of spending in order to save. The gamble to avoid security expenses may prove more costly than the investment would have. If hit, you’ll have to pull money from the day-to-day operations to begin solving this new problem.
Nonetheless, not every security solution will break the bank. There are any number of simple steps, many of which are very affordable, that can greatly improve defences and strengthen network security. Here are just a few options small business owners should consider.
Hire an Expert
The first thing you’ll want is expert advice. That doesn’t mean you must hire a full-time IT professional. Many of these services are outsourced, which is perfect for small businesses. You can bring someone in on an as-needed-basis, which significantly reduces expenses. Have them set up your network, offer simple trainings, or call them in the event of a possible threat.
Install antivirus and anti-malware software. It seems simple, but so many companies don’t even use these basic services. There is even fairly good free software available. In addition, make sure you add firewalls to your defenses, which will block unwanted access attempts.
One of the more frequent access points for attackers is unsecured wireless networks. Be sure to set up your router so it doesn’t broadcast the network name and is password protected. If you don’t, anyone can remotely access your network.
Invest in the Cloud
Cloud storage is still a smart security option for small businesses. Cloud storage transfers much of the IT management and stress away from the business onto the vendor. Storing information offsite with a reputable cloud provider will limit the chance of an attack and give you access to data backup incase of a disaster. Also, you pay only for what you need, resulting in affordable solutions.
Unfortunately, no system is 100% hacker proof. Hopefully you never find yourself having to use it, but it would be smart to buy insurance. Some premiums can be as low as $1,000 a year for $1 million in coverage, which could cover your losses in the event of an attack.
About the Author: Rick Delgado is a freelancer tech writer and commentator. He enjoys writing about new technologies and trends, and how they can help us. Rick occasionally writes for several tech companies and industry publications.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the ShellShock and Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Image courtesy of ShutterStock.