Future of Commerce Blog

3 Effective (and Easy) Ways to Protect Your Business Against Cybersecurity Threats


It’s hard to avoid the topic of cybersecurity these days. There’s the FBI’s recent feud with Apple, of course, and the increasing risk of ransomware, in which hackers hold an institution’s data hostage in exchange for payment. Now, victims don’t even need to have their identity stolen in order to lose significant sums. One hospital in Los Angeles paid $17,000 in order to regain access to its data. More and more people are getting letters from their health insurer or financial institution with the calamitous news that their personal information has been exposed by a recent data breach.

We know there are steps we should take as individual consumers to protect our information. But what about small business owners? Data breaches are expensive to fix, in time, money, and consumer confidence, no matter how small your business is. And, according to Symantec’s 2015 Internet Security Threat Report, 60 percent of all targeted cyber attacks in 2014 hit small-to-medium businesses. The nonprofit Identity Theft Resource Center reports that, as of March 22, there have already been 177 data breaches in the U.S., compromising over 4.6 million records. Last year, over 169 million records were affected by cyber attacks.

If 2016 is anything like 2015, around 500 SMBs will be the focus of attacks this year. You don’t want to be the local business sending out that we’re-sorry-your-data-has-been-exposed letter—and you may not be able to afford to offer your customers a year or more of free identity protection to shore up the damage. Think the FDIC or your general liability insurance will provide some protection? Think again. Federal consumer protections are not likely to cover business bank account losses; neither is general liability likely to cover losses due to a data breach.


Image from Towergate Insurance’s report “SMEs and Cyber Attacks: What You Need to Know

In other words, safeguarding against a data breach—and preparing for one—is something small business owners really need to have on their radar. The good news is that there are some effective, if not infallible, defenses small business owners can easily—and inexpensively— implement.

First, set up two-factor authentication wherever possible. Services such as Gmail and Twitter allow you to sign into an account by checking in with an app on your smartphone, or providing a special passcode sent to you in a text once you’ve entered your username and password. Such a precaution can be the difference between losing control of the sensitive messages or photos you send to, say, your staff in a mass email.

Next, consider using a password manager.You know you’ve done it—using the same passwords across several online accounts. Listen up! Criminals rely so often on this half-hearted attempt at cybersecurity, there’s actually a name for such attacks: password reuse. (We didn’t say it was an especially imaginative one.) Once a malicious hacker has cracked your email (or other) account, they’ll try that same email/username and password on major bank websites and popular social media sites.The solution? A password manager like 1Password (available for Mac and PC) or LastPass that creates and stores complicated codes that no thief will be able to guess. And, more importantly, you won’t have to remember them all. PCMag has a handy comparison chart of “The Best Password Managers for 2016”—scroll past the chart for a link to free password managers.

Use financial apps, such as Credit Karma, to keep track of your credit score. Credit Karma allows users to check their credit scores and financial information without having to pay any monthly fees. They make money by marketing cards to those users. Prosper Daily (previously BillGuard), another useful piece of smartphone software, allows you to monitor all your accounts, your credit score, and even provides spending analytics. The app also crowdsources fraudulent charges. That means that if another user flags a suspicious or fraudulent charge on their own account and you have a similar charge, you’ll automatically get an alert. The crowdsourcing doesn’t end there—otherwise cryptic merchant information is community-edited to help you decipher it.

Finally: Don’t freak out! Remember, breaches happen. People’s credit cards get stolen. The best things to do are to take simple steps like these and, most of all, to stay informed. You can keep updated on cybersecurity issues by reading Krebs on Security and Graham Cluely’s blog.

More Small Business Cybersecurity Resources

This blog was originally posted on Townsquared.com

Arie Shpanya

Arie is the COO, Executive Chairman, and Co-Founder of Wiser, a dynamic pricing and merchandising engine for online retailers and brands. He has extensive experience in business development with a focus on eCommerce (eBay and Amazon), and is a guest blogger on Econsultancy, VentureBeat, and more.

More Blog Posts

Learn how today's fastest-growing brands manage their inventory.