I’ve heard it so many times: My business is too small to get hacked! Or, I don’t have anything hackers would want! Well guess what, that may have been true 20 years ago, it couldn’t be further from the truth today. With many attacks being automated, NOT targeted, any business of any size can be the next victim.
For instance, you don’t want to open an Excel attachment called “Invoice” from someone you don’t know – trust me, they’ll call you if you owe them money. A single crack in your armor can open the door for cyber attacks. It’s time to get serious about locking down your devices, e-mail filtering and teaching your users how to not lose last year’s profits to a crime ring.
Hackers today want data they can sell for profit, ANY data! So, if you keep a database of your client’s contact information, even if you only have a few clients, your business is a viable target. And it can cost you, BIG TIME! In 2019, the cost of each record that is stolen was around $150. Think about it: a first and last name, address, phone number, birth date, spouses name, etc. are all individual records, so the numbers add up very quickly.
What can you do?
Hackers typically go for easy targets. They know small businesses spend very little if anything on their cyber security, making small business low hanging fruit. You can reduce your chances of getting hacked by making your devices harder to hack than the next business. You may have heard the saying, You don’t have to outrun the bear – just the guy next to you.
There are three methods hackers use to attack small businesses that you can mitigate for very little (or no) cost.
- Phishing Attacks (with bad hyperlinks)
- Weak Passwords
- Out of Date Software
You don’t have to go all out and spend a bunch of money to thwart these types of attacks. For instance: Training your staff to recognize phishing attacks can be done for nothing if you take the time to learn enough from online sources to teach them yourself. If you don’t want to go that route there are services that will provide video training and test attacks to make sure you and your staff are capable of recognizing phishing attacks. To start, just do a Google search on “phishing email examples” and have your staff do the same. Then read these examples. You’ll pick up on various irregularities like, misspellings, bad grammar, too good to be true offers, urgent requests or demands, Updates to current events or breaking news, invoices you’re not expecting, etc..
Always remember: Think before you click!
Weak passwords are the easiest way for hackers to break into your devices. It’s just stupid/lazy people that are still using passwords like “password1”, “12345678” and similar easily guessed passwords. Hackers use sophisticated software that tries millions of dictionary words and sequential letters and numbers every second, and yet every year research shows that people are still using these ridiculous passwords. These types of passwords can be guessed by the software in less than 5 seconds.
Out of date software is another vulnerability that hackers exploit and has been for decades. We’ve all seen the Flash or Adobe Reader pop-ups that tell you there is an update to the software. But how often do you stop and install the update? Be honest!
Every software you have on your device needs to be kept up to date. Even the free software that came with your new laptop, that you never use. Hackers count on you NOT keeping your software up to date. Every time a new update is released, hackers go to work to reverse engineer the update to determine what was changed and then develop an attack against the vulnerabilities that were corrected, and they share them on the internet. By not updating your software, you are leaving a door open to a possible data breach. There are software tools available that will notify you what software is out of date and provide links to updates.
While all these steps can be completed by you or someone on your staff, it can be very time consuming. It is far more cost efficient and consistent for you to leave these details to an IT Partner like HBBTech, especially for the software updating. For just $15 per month, per device, we’ll keep that device’s software up to date!
HBBTech also provides a multi-level business grade security solution for small businesses. To learn more check out our services at computersecurityservice.com call us at (636) 542-8653.
That’s it for Tip #24 Next week’s Tip will be:
“Keep Sensitive Data Off Employee Devices”
Remember – It ain’t poisonal... it's jus bidness.
‘Til next time.
Sources:
https://cloudnine.com/ediscoverydaily/electronic-discovery/how-long-will-it-take-to-crack-your-password-cybersecurity-trends/
https://frankonfraud.com/fraud-trends/how-long-will-it-take-to-hack-your-password/