Small Biz Hacker Protection


Small Biz Hacker Protection: a reader asks…

I have a small business and am getting worried about getting hacked. Not my website, my on-premises infrastructure. Everywhere I read about how hackers are starting to target people like me. I don’t have a lot of IT infrastructure, just a few computers, a file server and some laptops that my sales team uses all over the territory. Do you have a short and sweet hit list of things I should do/don’t?

Short and sweet? How about a dirty dozen. I wish I could cut it down to three, but the threats are just too varied to allow for a simple protection plan. Without all the background, here’s the hit-list (in no particular order):

  1. If you’re managing your own email, activate your server’s “Sender Policy Framework” (SPF); if your email is outsourced, make sure your service provider does this.
  2. Use your file server for file sharing and skip the “sneakernet”. If you have to use thumb drives, make sure they are 100% safe. Hackers like to sprinkle these in parking lots and on sidewalks. While you’re at it, avoid non-commercial CDs; they too can have malware hidden on them.
  3. Use good, strong (meaning long), and unique passwords. Make sure your employees are doing likewise (of course, a password manager like LastPass is required to meet the requirement for uniqueness).
  4. Don’t let your employees use public, open, or even a customer’s Wi-Fi when on the road. You can get a Mi-Fi device for each of them with a low-cost data-sharing plan.
  5. Keep all operating systems and installed software and apps up-to-date. Be scrupulous about this: outdated or unpatched software is the easiest way for hackers to gain entry.
  6. Be diligent in backing up everything.
  7. Train your employees to be wary internet & computer users. Automatic clicking often opens up a can of hacker worms.
  8. Get someone (an IT professional, not your uncle or an employee’s son) to periodically look at your system from a security standpoint. Penetration testing is a fabulous idea!
  9. Make sure you have good networking equipment. Old equipment may be more vulnerable. Also keep the firmware updated, and make sure your security settings are strong. For that matter, old, outdated computers are also a security risk.
  10. Eyes open in your space. Question any stranger who gains or wants to gain entry to your business. That’s both physical and virtual.
  11. Don’t trust email. It’s notorious for fakeness because it has never been a verified-identity communications platform. Anybody can send you email and make it look like it came from someone you know and trust.
  12. Make sure the other end of a virtual communication of any sort is real. It doesn’t hurt to pick up the phone and confirm that the website offering you supplies or services is a real business.
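
To make item 1 concrete, here is an added example (not part of the original article): SPF is published as a DNS TXT record listing the hosts allowed to send mail for your domain, and this Python script audits such a record for common weak settings. The sample records, hostnames and the `audit_spf` helper are constructed for illustration.

```python
import re

# Constructed sample TXT records (placeholder hosts, documentation IP range).
SAMPLES = {
    "strict":   "v=spf1 mx ip4:203.0.113.10 include:_spf.mailhost.example -all",
    "softfail": "v=spf1 include:_spf.mailhost.example ~all",
    "open":     "v=spf1 a mx +all",
    "no_all":   "v=spf1 ip4:203.0.113.10",
}

# Terms that cost a DNS query; RFC 7208 caps them at 10 per evaluation.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
TERM_RE = re.compile(r"^([+\-~?]?)([A-Za-z][A-Za-z0-9]*)(?:[:=/].*)?$")

def audit_spf(txt):
    """Return a list of findings for one SPF TXT record (empty list = no issues)."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record: must start with v=spf1"]
    findings, lookups, all_qual, redirect = [], 0, None, False
    for term in terms[1:]:
        m = TERM_RE.match(term)
        if not m:
            findings.append(f"unparseable term: {term}")
            continue
        qual, name = m.group(1) or "+", m.group(2).lower()
        lookups += name in LOOKUP_TERMS          # count DNS-querying terms
        redirect = redirect or name == "redirect"
        if name == "ptr":
            findings.append("ptr mechanism is discouraged by RFC 7208")
        if name == "all":
            all_qual = qual                      # a missing qualifier means "+"
    if all_qual is None and not redirect:
        findings.append("no 'all' term: unlisted senders get a neutral result")
    elif all_qual == "+":
        findings.append("+all authorizes every sender on the internet")
    elif all_qual == "?":
        findings.append("?all is neutral: unlisted senders are not rejected")
    elif all_qual == "~":
        findings.append("~all only soft-fails: consider -all once mail flow is verified")
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the RFC 7208 limit of 10")
    return findings

if __name__ == "__main__":
    for label, record in SAMPLES.items():
        print(label, "->", audit_spf(record) or "ok")
```

To check your own domain, paste in the TXT record your DNS host shows for it; an empty findings list means the record names specific senders and hard-fails everyone else.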

There, short and sweet. Feel free to use the comments section below if you need amplification on any of the items on the list. And I’m happy to take suggestions for other things to add to this list. If you have real-life experience and lessons learned to share, please share!


Copyright ©2017 Practical Help for Your Digital Life®. All Rights Reserved. Your use of this website implies that you agree to PosiTek.net® Terms of Service and Privacy Notice policies