Cybersecurity is certainly nothing to be ignored by organizations no matter their size in terms of client base, staff or sales revenue. Cybercriminals don’t discriminate when it comes to choosing their victims. While bigger organizations may be better equipped to thwart a cyberattack, smaller businesses may lack the resources to do so. Smaller businesses will also find it more difficult to bounce back from a cybersecurity incident. However, that doesn’t mean small businesses should give up on cybersecurity altogether. There are many ways in which SMBs can up their cybersecurity game. Here are just two…

Backups
By conducting regular backups of their data, businesses can ensure that any unforeseen data loss, theft or ransomware causes minimal damage. One caveat here though is that the data backups have to be stored safely such that they are ‘clean’, as in uninfected, and readily accessible. Also, the keyword here is regular. Backups must be as frequent as possible, to ensure that data loss is minimal.

The days of backing up to tape should be well behind us: tape backups are full of opportunities for failure, whether it be failing to backup or restore what was thought to have been captured. All backups to removable media require end-user maintenance to rotate, maintain and verify the media as well as get copies to a location safe from loss or damage—say from flood or fire. Automated backups to the cloud offer an advantage of eliminating the failures due to bad media and take care of getting data off site, but there are still potential problems:

• What data is actually being captured?
• Are the backups being verified?
• How long would it take to restore your data to fully recover business function?
• If your network is hit with malware, is your backup protected from compromise?
• How secure is the cloud storage for your backup?

The above questions can all be addressed by a quality, professional backup solution designed for business use. The good news is, that such solutions which used to be out of reach for most small businesses are now a very reasonable business expense. Contact an MSP today to see if you backup meets these demands.

Password Hygiene
Training employees in the importance of maintaining good password hygiene is critical. Broadly speaking good password hygiene involves:

• Using passwords that are not easily decipherable. Examples include avoiding passwords that can be easily guessed such as the company or user’s name, vocabulary words, even in a foreign language aren't especially safe.
• Using a combination of upper and lower-case letters, symbols, and numbers in a string of twelve or more characters.
• Not sharing passwords with anyone, no matter who asks for it, or however urgent it sounds.
• Not reusing passwords for multiple accounts—or slight variations, for that matter.
• Updating passwords regularly and also when an employee who had the access leaves their position or has their access revoked.

With so many accounts requiring logins, users need to find a secure way to keep track of complex, strong and unique passwords. Sticky notes on the monitor or bottom of the keyboard will not do! Consider the use of trusted password managers or other secure means to create and keep track of passwords. Since many accounts now require additional recovery information and multi-factor authentication, a secure spreadsheet can help to keep track of these bits of info. Again, a trusted MSP will be able to help you device solutions for your business.