by Kevin Harris
Cybersecurity breaches impacting multinational corporations have become increasingly common in today’s digital age. These breaches can have significant consequences for large corporations, such as fines, lawsuits and devastating damage to brands. Unfortunately for small businesses, the reality is that a single cybersecurity breach could be insurmountable, leading to closure, an impact far greater than that on a large corporation. Entrepreneurs and small businesses alike must take steps to protect digital assets if they wish to remain in business.
The heavy demands of a business can easily lead to neglecting the time needed to gain additional skill sets in areas not directly related to the organization’s product or service offerings. Regardless of the size of a business, participation in cybersecurity awareness training should be mandated multiple times a year. It is critical that individuals with limited onsite technical personnel stay current on rapidly emerging cyber threats. The various forms of cybersecurity awareness programs, including online and in-person, allow organizations to deploy a solution appropriate for their existing needs and environment. Regardless of the number of employees or available resources, cybersecurity awareness training must be incorporated!
Large organizations employ a wide range of hardware and software solutions to mitigate the impacts of cyberattacks, but small to midsize organizations would be careless not to implement a baseline of strategies, even if there is only one employee. Virtual Private Networks (VPNs) are a must for individuals who access the internet from multiple locations. While the prevalence of wireless fidelity (Wi-Fi) enables individuals to work from almost anywhere, the data transmitted has a high likelihood of being intercepted unless a VPN is used to encrypt the traffic before it is transmitted.
The use of devices is another area of concern for smaller businesses, for multiple reasons. The lines are often blurred when work is performed remotely, creating a temptation to use one computer for both personal and business needs. In reality, using a computer for dual purposes should be avoided for many practical and personal reasons. A machine should be dedicated specifically to business needs, and efforts should be made to avoid accessing client information on a personal device.
Additionally, to reduce the chances that malware is introduced, family members should not be allowed to use the business computer for personal tasks such as watching movies, checking email or accessing the internet. Mobile phones also store sensitive information and should be managed accordingly, which includes ensuring that antivirus software and screen locks are used. Confirming that software, including operating systems and security suites, is updated regularly is often the responsibility of the device user. If there is limited IT support, the user should thoroughly understand the significance of this role.
Kevin Harris is the founder of Harris Coaching and Consulting, Inc. He can be reached at firstname.lastname@example.org.