Cyber Security for the Small Business

Cyber Security For the Small Business

Cyber Security Month

October is Cyber Security Month. If your company uses any kind of computers, cell phones, networks, software, etc. to go about its business, then this month applies to what you do day in and day out. Having these technologies makes our lives more advanced and efficient but they also leave us open to security issues. Business large and small have to have plans and processes in place for how they deal with their digital technologies BEFORE something terrible happens.  It can seem like a big undertaking for the little guy given that the big guys seem to be hit time and time again. Yahoo for example, was recently the victim of yet another network security breach. One might ask what can a small business do with limited funds?   After all, if large companies with departments solely dedicated to thwarting cyber intrusions cannot stop hackers, what can a small business do?  The answer is simple – plenty.

  • Understand Your Business Network

Chances are that your business network has a wireless network (called a Wi-Fi network).  The Wi-Fi network is what allows your computers, smart phones and tablets to connect to your business network.  Your business connects to the internet through either a router or a wireless access point which in turn connects to the router.  Both of these devices will broadcast wireless signals that the various devises in your business will use to connect to the internet.  As a result, you need to know what type of system you have and how to secure the wireless signal as a simple step to protect your business network.

  • Change Administrator Password and Login

Most routers and access devices are shipped from the factory with a default administrator password and login.  Unfortunately, this information is well known and quite easily found with a quick internet search.  Accordingly, one of the first things you should do when you set up your small business network is to change both the administrator login and password.  If you fail to do this, the overall security of your network is extremely weak. Try a password generator to choose something that has no connection with your business and difficult to crack.

  • Change the Name of the Network – SSID

The SSID stands for service set identifier is essentially the name of your business network.  The SSID is the name that your device will see when it is searches for available networks. Why make it easy for hackers to identify the network they are trying to hack?  Try for a unique name that is not personal to either yourself or your business so cyber intruders will not be able to associate your network with your business.

  • Encrypted Networks

Make sure your wireless network is using the most advanced encrypted network.  As of right now, this would be WPA2.  If you use this, users will be asked a password to connect to your network.  Make sure the password is strong AND different from the administrative password.  We strongly recommend that you do not give your clients access to your business network.  Instead, consider having a guest network.  This way, while you are still providing a nice convenience to your clients, you are not giving your clients access to your business network.  Finally, disable Wi-Fi Protected Set Up or similar setting that allow devices to connect to the network without first entering the password.

What’s Next…

While these steps are by no means a guaranty that you won’t get hacked, they are at least a first defense.  An analogous way of thinking about this is that the brick and mortar thief will go from house to house until he finds one with the back door unlocked.  Doug Leavitt and the attorneys at Danziger Shapiro & Leavitt don’t want you to be that unlocked house.  Make the cyber intruders go down the street.   For additional information on cyber security in general or specific to your industry, take a look at Securing the Human.  Otherwise, please feel free to contact us to discuss this or any other issue that is affecting your business.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

Contact Information