Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
Small Business IT Security Basics, Part 2: Investing in Cybersecurity

by Erik Briceno

Small businesses increasingly rely on information technology to reach new markets, increase employee productivity and lower operating costs. At the same time, theft of digital data has become the most commonly reported fraud, surpassing physical theft.

The average cost of cybersecurity incidents ranges from about $34,604 for a small business to $1.05 million for a large business. That’s why companies of all sizes need a strong cybersecurity strategy to protect their data — the lifeblood of their business.

In Part 1 of Small Business IT Security Basics, we listed five essential steps that every company should take. Here are the next five actions for small businesses, starting with making sure your entire team is engaged.

Security 101 Continued: 5 More Steps to Take

1. Train your employees in security principles.

Make sure your employees understand the importance of maintaining a secure IT network. These efforts require constant vigilance on the part of your IT staff or IT managed services provider. Having your whole team on board will make the process easier and reduce the risk factors.

  • Create basic security practices and policies for employees.
  • Establish rules for handling and protecting customer information and other vital data.
  • Determine appropriate internet use guidelines and specify penalties for violating them.
  • Don’t open emails or attachments from sources you don’t know or trust.
  • Use two-factor authentication when possible.

2. Limit employee access.

Don’t give away the keys to your kingdom — in this case, by providing too much access to your data systems. Employees should only be given access to what they need to do their jobs. In addition, be cautious about downloading and installing software, limiting who has authority to do so.

3. Create a mobile device strategy.

Mobile devices are an essential element of every business, but they can create significant security and management challenges. In addition, the number of workplaces allowing BYOD — Bring Your Own Device — continues to grow. It’s essential to implement a strategy to address the inherent security threats that come with the mobile devices employees use to access company data and do their jobs.

4. Enforce strong passwords.

It may seem obvious, but creating and using strong passwords can be an important deterrent when it comes to keeping data safe. Establish a strong protocol for creating passwords and regularly changing them.

5. Follow best practices for payment cards.

If your business is processing credit card payments from customers, you need to take extra security steps to ensure you’re using the best tools and anti-fraud services. The PCI Security Standards Council offers guidance on protecting credit card holder data.

How to Safeguard Your Data

Small Business IT Security Basics, Part 2: Investing in CybersecurityAlong with these tips, the National Institute of Standards and Technology (NIST) recently updated its Cybersecurity Framework. It provides organizations of all sizes — government and private — with standards, guidelines and best practices for managing cybersecurity risks.

This framework is structured around five key functions — identify, protect, detect, respond and recover — that help companies learn how to put appropriate safeguards into place that will minimize potential cybersecurity incidents.

When such incidents do occur, research has shown than 65 percent of small businesses have failed to act following a cybersecurity breach. That’s why experts recommend that, for smaller businesses in particular, “Outsourcing cybersecurity can be an effective way to increase preparedness. Engaging a consultant can mean lower costs and a quicker ramp up of your cyber program.”

Every business should create a culture of security. Your employees must be aware and engaged in the process of protecting your company’s data, but an outside firm can lend expertise. Call us for a free consultation, and we’ll talk about your security needs — no strings attached.

Our expert engineers can design safeguards that are an integral part of your IT network right from the start. Together, we can develop an IT security plan that meets your needs and fits your budget.

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

 

 

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Small Business IT Security Basics, Part 2: Investing in Cybersecurity
Small Business IT Security Basics, Part 2: Investing in Cybersecurity