Best Practices to Help Small Businesses Recover from a Cyber Attack
This is my last column in a series about cyber security for small businesses. I wrote this series as a result of local CEOs having shared with me their concerns about cyber-attacks because they see it as a serious threat to their operation. They are keenly aware that digital transformation offers many benefits, it also comes with many challenges. The data shows that some 76% of cyberattacks occur at businesses with under 100 employees. Cybercriminals know small businesses tend to be easy targets, and that accessing a small business’s computer networks often gives them entrée to client and vendor networks, too.
In my last column I shared some suggestions on how a small business can protect their business from these threats. In this column I will give some suggestions about best practices for device security and then end with some suggestions regarding how to recover from a cyber-attack. I will share some information from a resource that SCORE and one of its content partners, Trend MICRO, created on this topic.
Best practices for device security
Take steps to secure your devices.
Computers and servers.
- Choose a centrally managed, business-grade antivirus (AV) security solution so you can monitor all the devices on your network, restrict user access and enforce security policies. Consumer-grade products don’t provide enough protection
- Implement multiple layers of protection. Installing AV software on your computers alone isn’t enough. Look for an all-in-one cloud solution that provides endpoint, web security and email protection.
- Isolate payment systems. Separate your point-of-sale systems or credit card readers from the rest of your network by putting them on a separate network or firewall.
- Restrict both physical and digital access to servers. All it takes is one malicious employee to wreak havoc.
- Require two-factor authentication to log onto servers.
- Update software, hardware and firmware regularly; set updates to install automatically.
- Whatever device people are using be sure to:
- Change default username /password;
- Disable remote management;
- Restrict access to specific addresses;
- Require two-factor authentication; and
- Update device software and firmware regularly.
- Enforce passwords or passcodes on devices.
- Take advantage of biometric identification technology if available; it’s more secure than using a password.
- Install security software on devices.
Wi-Fi routers and other network- connected devices like printers and copiers, etc.
- Use a separate Wi-Fi network for guests. Enable encryption using (WPA2).
How to recover from a cyberattack
Despite your best efforts, what if you’re hit by a cyberattack? Here’s how to handle it.
Step 1: Respond
- Turn off your computer, disconnecting your internet connection, or shutting down your router until you can assess the damage.
- Restore your data from backup. Experts tell me that they suggest using the “3-2-1 Rule of Backup”. They do this: Always have 3 copies of backup. Store backup using 2 mediums (for example, on a hard drive and in the cloud). Keep 1 copy offsite so a physical disaster at your location doesn’t wipe out your only copy.
- Bring in IT experts to help if necessary
Step 2: Recover
- Execute your disaster recovery plan. (If you don’t have a disaster plan, now is a great time to create one. Look for free templates online that you can use as a starting point and adjust based on your business.)
- Attend to any breach notification requirements. Depending on your industry, you may be required by law to notify customers, vendors or employees affected by a security breach.
- Evaluate existing and new technologies you can use to prevent future breaches. Are your current cybersecurity practices effective? If not, what can you add to better protect your business?
Here are some resources to learn more about cybercrime, develop a plan to protect your business from cyberattacks, and report a cyberattack.
- Trend Micro Internet Safety for Small Businesses
- National Cybersecurity Alliance
- Federal Communications Commission
- Federal Trade Commission
- National Institute of Standards and Technology
- FBI Field Office Cyber Task Force
- Internet Crime Complaint Center
Cybercriminals are crafty—but you can outsmart them by being aware of the risks and implementing cybersecurity best practices immediately. Educate your employees, implement a cybersecurity policy for your business, and put the proper protections in place. Taking these simple steps will help to prevent your business from becoming a statistic.
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.