Large corporations and well-known brands get a lot of media attention when there’s a security breach. But today, even the smallest business is potentially a target for cyber crime. Cyber criminals have an ever-growing pool of technology that gives them the ability to target hundreds, if not thousands of unsuspecting victims simultaneously.
The amount of data breached can be just as big as though they targeted a huge corporation like Apple, IBM or even the U.S. Government. This is especially true with the growing number of devices connected to the internet: The Internet of Things (IoT). In fact, the National Cyber Security Institute lists The IoT as the 2nd largest cyber threat for small businesses.
Millions of IoT devices provided the gateway for the massive attack on Dyn, which resulted in Netflix, Reddit, Twitter, Spotify and many other sites completely going down. These are large, successful businesses and websites that probably all have IT teams dedicated to security… unlike most small businesses. So what can you do if you don’t have the budget or the means of having an entire team ready at your disposal in the case of a website problem?
Don’t Assume Security is in Place
Businesses of all sizes have easier access to technology today thanks to the many SaaS platforms out there. But rarely do business owners directly question a service provider about what security measures they have in place. Don’t be that guy. Be proactive and ask questions. Know what they’re doing and how they’re doing it in terms of security and protecting sensitive data.
We aren’t talking about staying up to date with the news (though that’s a good idea, too). We’re talking about everything from routers to the platform you run your website on (WordPress, Drupal, etc.). Hardware, software, firmware… Always make sure you’re using the latest version and have any sort of patches that are released.
Only Use Secure Connections
Employees today often connect with the company outside of the office. Whether at home, the park or a restaurant, make sure that any connection is only allowed in a secure environment. A virtual private network (VPN) is ideal for this. Require that employees be connected through a secure VPN that encrypts all internet traffic in order to access the company network.
Prepare for DDoS Attacks
DDoS (Denial of service) attacks are a cybercriminal’s favorite. They basically send thousands of visits, or connections to your site with the goal of overwhelming it. It’s an effort to intentionally shut your website down and make it unavailable for customers and visitors. If you sell your product or service on your site this can obviously affect your revenue. If it’s just an informational site, it can affect your reputation and possibly put a dent in sales. Either way, you need to be proactive and have measures in place to protect yourself from these attacks.
Talk to your ISP (Internet Service Provider), as some ISPs partner with security services to mitigate any incoming attacks. Also check with your hosting provider for possible solutions. Here at Hostwinds, all dedicated servers and virtual private servers come with optional enterprise-level DDoS protection that can mitigate an attack of any size. If you are interested in learning more reach out to us at +1 (888) 404 1279, email us at firstname.lastname@example.org or visit the website, www.hostwinds.com, to speak with a live representative 24/7/365.