We hope you had a great Halloween and are enjoying all the sweet treats! Those cute little trick-or-treaters probably didn’t give you a fright – but we might.

It’s a scary thought, but the majority of cyber intrusions and attacks happen to small and midsize businesses – and you may be at more of a risk for a cyber threat than you think. Did you know that 60% of small businesses go under within six months of a cyber attack? Now that is what we consider a real scare!

Unfortunately, many small business owners believe that cyber hackers are only interested in large corporations, which is exactly what hackers prey on. Approximately 71% of data breaches in Canada are on small and medium-sized companies. Small companies tend to be easier to hack, because they often lack the resources and protective barriers that larger ones have to fend off cyber hackers.

October is National Cybersecurity Month. So as the month has recently come to an end, let’s review how to keep your business protected and cyber-criminals at bay.

What Information Should Small Businesses Protect?

The best way to avoid a cyber attack is to prevent it.

You may be thinking that your data is not beneficial to hackers or that you are not at risk of an attack. Think again! All data that is valuable to you and your business is useful to cyber-criminals. Anyone who uses the internet is at risk.

Cybercriminals are crafty and constantly evolving. They have ways of infiltrating your system when the proper protective barriers are not in place and harvesting your important information.

What they are after:

• Client records (demographic information, account activity and passwords)
• Contact lists
• Employee Information (including email addresses and passwords)
• Company banking information
• Credit card numbers

How they get in:

• Compromise servers
• Infect computers with viruses and malware
• Access your system

Know the threats:

• Email scams
• Phishing attacks
• Botnets
• Viruses
• Trojans

13 Tips to Stay Protected

1. Password security:

   • Keep your passwords safe and confidential.
   • Choose unique and difficult-to-guess passwords.
   • Use free password generator sites for help.
   • Change passwords regularly.
   • Avoid using the same password across multiple platforms.

2. Keep software and operating systems up-to-date:

   • Make sure you install software updates as quickly as possible. Many of them include security enhancements and bug fixes that could help defend you from cyber attacks. You can find our latest updates

3. Read the terms and conditions:

   • When installing and downloading applications and files, don’t be so quick to ignore the familiar terms and conditions pop-up. This is where you agree to the kind of access you’re giving to various parties on information – including your location, phone number and client names.

4. Beware of phishers:

   • Cyber-criminals use fake emails, text messages and websites to trick your employees into giving their important info – and it’s called phishing. Passwords, usernames, credit card numbers can be taken, sold, and used. Criminals may even impersonate your business to try to scam your customers.
   • Employees should never respond to emails requesting private information, or click on links from unknown sources. Encourage them to be on the lookout for email scams where the message is alarmist, has spelling mistakes, offers a deal that’s too good to be true, or requests sensitive information.

5. Back everything up:

   • It’s critical that you regularly back-up your information, from customer records to accounting files. This will lessen the damage in the case of a breach or computer problem. You can back-up your Universal Office through cloud storage services or an external hard drive.

6. Educate your employees on cyber safety:

   • Employee education is the first and best defense.
   • Even the most sophisticated security software won’t protect your business if employees click on improper pop-ups or fall for phishing scams.

7. Lock computer screens:

   • Lock device screens when you are away from your desk to help keep workstations secure.

8. Protect laptops in public:

   • If cyber-criminals get a hold of an employee’s computer or mobile device, they can mine it for the important information. Be mindful of where and how your devices are stored.

9. Contact IT in an emergency:

   • In the case of a potential breach or theft, contact security or your IT department immediately to limit the damage.

10. Install the right security software:

    • Make sure your computer systems are installed with the most up-to-date antivirus and anti-spyware software. Many security software companies offer software programs tailored to small business needs, for prices that will fit within your budget.

11. Secure your wireless networks:

    • If you leave your wireless network unprotected, you are leaving an unlocked door for intrusions. Make sure your wireless network is set up to hide the service set identifier (SSID) and encrypt your network with strong passwords.

12. Decide who has administrative privileges:

    • Restrict administrative privileges to the key decision makers within your business. This will help control unexpected changes to your network, and limit your exposure to cyber threats.

13. Secure physical access to your network devices and computers.

    • Ensure that your office space is safe from unauthorized visitors, and that easy-to-grab laptops and mobile devices are stored securely and installed with remote tracking software.

For more tips and tricks, visit the Government of Canada’s Get Cyber Safe Guide for Small and Medium Businesses, and check out our previous Security From Inside Out blog.