What you can do
Safeguarding your company against security threats doesn't necessarily mean hiring a full-time IT security pro for your small business. There are four simple steps any small company can take to protect against cyberattacks.
1. Use protection on every device: Regardless of the platform, use secure passwords and encryption on every device that touches your business, from phones and tablets to laptops and desktops. If the device supports third-party anti-malware apps like those from McAfee, Symantec, or Trend Micro, install one.
2. Run business-grade unified malware protection: Consumer antivirus apps aren't sufficient to secure a business's tech infrastructure. Business-class security suites offer multidevice protection that includes ensuring that all devices get regular updates and security patches. This is key, since 90 percent of attacks exploit outdated software bugs on unpatched computers.
3. Train your staff (and yourself) to practice good digital hygiene: Don't use the same password on multiple accounts. Don't follow links in email. Learn to spot phishing threats. Make sure everyone on your staff knows this stuff, and remind them often.
4. Get a security audit and heed its findings: One of Technologyville's clients learned this lesson the hard way last year when its financial services website fell prey to a teenage hacker who exploited open ports on the site's server to take control of the company's online presence. The security consultants had identified those threats in an audit for the company a year earlier, yet the company chose not to act until it was way too late.
The unfortunate truth about digital security is that protecting your business from online threats isn't a one-time expense or a set-it-and-forget-it solution. It's an ongoing process and a necessary part of running any business that relies on data and the Internet for its survival. Your website, your desktop and laptop computers, your mobile phones, and all the online services you use to manage every aspect of your business are all potential entry points for an attack. And if you don't protect them, or if you put security on the back burner as a future project, your company may not survive to get a second chance.
Sign up for CIO Asia eNewsletters.