7 Key Cybersecurity Tips for Small Businesses

A cyberattack can have serious consequences, with some small businesses shutting down for good due to the fallout. These are high stakes. With that in mind, here are seven key security recommendations for your small business customers:

1. Educate users: Industry research shows that employees mistakenly cause nine in 10 (88%) data breaches, making humans the “weakest link” in IT security. Trained workers, however, shift from liabilities to assets, becoming the first line of defense against cybersecurity threats.
2. Secure endpoints: Many traditional or anti-virus tools block only the malware they recognize based on signatures written into the AV software. More sophisticated endpoint protection platforms scan and block malware, using a constantly updated threat list, protecting every device on the network.
3. Apply security patches: Left to users, many security patches will be ignored, creating vulnerabilities that hackers know how to exploit. Remote work is complicating the problem and exposing new vulnerabilities. Businesses need strict patching policies, so users don’t ignore software update prompts.
4. Deploy firewalls: Firewalls let businesses choose which types of content to allow into their network, blocking unauthorized data while still allowing outbound communications. For remote workers, tapping business-grade Internet and connectivity can help.
5. Enforce password policies: Although users tend to resist them, passwords are necessary and should be changed regularly. Businesses should require users to use combinations with numbers, special characters and upper and lowercase letters to make passwords harder to crack.
6. Prepare an incident response plan: Since no security measure is 100% foolproof, businesses must prepare for the eventuality of a breach. Every business should have an incident response plan (IRP) outlining what steps to take and who is responsible for the response following an incursion.
7. Build a cross-functional security team: Avoiding, preparing for, and responding to security breaches involves more people than those in charge of IT and cybersecurity. Technical staff are usually the first to spring into action following an incident as they seek to identify the problem, assess the damage and start remediation, but the response also includes non-technical aspects.

For a closer look at these tips, read the full article on the Comcast Business Community.