You can’t seem to watch the news without hearing about a major new security bug or corporate hacking scandal. Heartbleed and Shellshock scared many Internet users, and soon articles on how to improve cyber security began to appear everywhere. Small business owners need to be especially savvy about cybersecurity, as much of their business is web-based. Here are some things you need to know to keep your business safe online, as well as what to do in the event of a security breach.

· No business is too small to be vulnerable to hackers. According to the National Cyber ​​Security Alliance, 71% of cyberattacks target small businesses, with nearly half of small businesses reporting being attacked. Even more alarming, Experian found that 60% of small businesses that fall victim to a cyberattack go out of business within six months. The NCSA reported three reasons why small businesses are attacked so often: They don’t have the resources to respond to an attack, information like credit card numbers is often less protected, and small businesses may partner with larger corporations. large and give access to hackers. to those companies.

Make sure that all devices related to the company network or any company data have reliable anti-virus and anti-malware software. This is a basic, but easily overlooked, precaution against malicious files and other attacks. Your network should also have a firewall to protect the network as a whole.

· Educate your employees. In addition to making sure everyone in your company is familiar with your security system, it can be helpful to train employees on basic Internet safety and security. There are many resources online that raise awareness about phishing scams, security certificates, and other cybersecurity basics.

· Create strong passwords. For any resources that require passwords on your system, create (and have employees create) complex passwords that aren’t subject to social engineering or easy guessing. There are a number of guides available on the web on how to create strong passwords.

· Use encryption software if you handle sensitive information on a regular basis. That way, even if your data is compromised, the hacker won’t be able to read it.

Limit administrator privileges to your system. Set appropriate access limits for employees without administrator status, especially when using non-company devices. Limit administrator privileges to those who really need them and limit access to sensitive information by time and location.

· Study cyber insurance. Cyber ​​security breaches are generally not covered by liability insurance, but if you’re looking to protect sensitive data, talk to an insurance agent about your options.

Back up your data weekly, either to a secure cloud location or to an external hard drive. That way, if your server goes down, you’ll still have access to your data. SkySuite’s Boardroom Executive Suites cloud computing services are an ideal tool in this area.

If you have determined that there was a security breach, find out the scope of the attack. This is a good time to call in an expert cyber security consultant. This will give you an idea of ​​what damage you need to mitigate and will tell you if it was a generic mass-produced attack or a specifically targeted one.

· Once you’ve done this investigation, shut down all your systems to contain the damage.

Repair affected systems. You can use master disks to reinstall programs on your devices. Then, with the help of your consultant, find out where the gaps are in your security system. To prevent another attack from happening, use this as a learning experience to strengthen your protection. This likely includes educating your employees about what went wrong and what they can do in the future to prevent that from happening.

Be honest, transparent and timely in your communication with your clients. Let them know what happened and what you are doing to fix it.