Just because you run a small business don’t think you’re safe from hackers. On the contrary, your company is more likely to come under attack because it is small. Most small businesses’ systems are easily infiltrated, so more and more, cyber criminals are opting to attack them instead of large enterprises.

Why are small businesses easier to infiltrate? They tend to have fewer safeguards in place than larger enterprises. Small-business owners erroneously believe that because they have fewer clients and therefore less data to compromise, they offer little enticement for cyber thieves. On the contrary, because cyber criminals can penetrate small businesses’ systems more easily, they will hit several small businesses in the same amount of time that it would take them to get past all the security measures of a large enterprise.

Email is still the most common form of communication used in business. Hackers know this and will use email to infiltrate a company’s system. They can do this via tainted attachments or hyperlinks. Other, bolder criminals will call or visit a business pretending to be network administrators or representatives from a security firm. Teach your employees how to recognize when someone is on a phishing expedition. One mistake could ruin your business and your reputation.

Data security is paramount to the success of your business. You are responsible for protecting your clients’ information. If their credit card information gets stolen because a hacker infiltrated your system, even if their credit card companies don’t make them pay for the fraudulent purchases, they will still blame you. Trust is one of the most valuable things you can get from your clients. Once that’s lost, it’s almost impossible to get back. In fact, some clients will never put their trust in you again. And they certainly won’t be referring any of their friends or colleagues to you. So, not only have you lost current business but also future business.

Besides making sure you install firewalls and update security software programs regularly, establish best practices for you and your employees to follow. Use complicated passwords that use numbers, symbols and capital letters. This makes them tougher to guess. Complicated passwords are also tougher to remember, so keep them written down in a small notebook that it’s store away from the computer. Change login passwords about once a month. Also, teach your employees how to recognize suspicious emails. To make it easier for people to remember to follow these best practices, you could post them in the break room and above copiers and fax machines. When it comes to recognizing suspicious callers or visitors, you could run regular drills. You could make them fun by offering a prize to the person who “catches” the most suspicious visitors. Or you could divide your employees into teams, depending on how many you have. Gift cards or branded merchandise could be offered as prizes.

You really can’t take too many precautions when it comes to protecting your company data. Your clients rely on you to keep them protected from cyber criminals, too, so anything you do to protect your business also protects your clients.

Looking for a trusted IT security firm to help you protect your business information and data?  Call us today.

Banks and other businesses, like government agencies, have paper documents with social security numbers and other highly sensitive information on them. So, when it comes time to dispose of those documents, they shred them first. Some outsource the shredding to paper shredding companies. Others have their documents incinerated. But what do you do when the documents you need to get rid of are stored on your computer’s hard drive?

Well, for individuals who plan to recycle or re-use their hard drives, one option would be to download free hard drive erasing software, such as Freeraser, KillDisk or SDelete. If you’re leery of downloading freeware from the Internet – as you should be – then you can buy software like WipeDrive for as little as $20. But that’s for individuals or small-businesses with fewer than 10 employees. But what if your small business has 20, 30 or 50 employees?  Is erasing computer hard drives really the best use of your IT team’s time? Probably not.

Fortunately, it’s not necessary for small-business leaders to spend time wiping clean every hard drive on every desktop or laptop computer that they plan to recycle or discard. Just as you can shred paper documents before throwing them in a recycle bin or dumpster, you can also shred or, more accurately, have shredded, any hard drive that you no longer plan to use for your business.

If you’re going to do that, then you probably should check, double check and triple check to make sure that all relevant or mission-critical information has been transferred and stored elsewhere. The same thing applies to small-business leaders who decide to completely erase their computers’ hard drives. Once that data is gone, it’s gone forever.

Hard drive shredding must be catching on because there are a few companies already offering these services. Data Killers, for example, offers hard drive shredding, hard drive erasing and degaussing (another way to wipe clean a hard drive that renders the hard drive unusable) services, on site and off site, for corporations and government agencies. Federal Document Shredding also provides on-site shredding for small and large businesses, government agencies and health care facilities. The company is HIPAA compliant and even offers x-ray destruction services. PC Recycler, Inc. offers its services not only to corporations and government agencies but also to individuals in the Virginia, Maryland and Washington, D.C. areas. For only $10, an individual could bring the hard drive from his PC to one of PC Recycler’s “shredding events” and watch as the hard drive is torn into tiny bits. As with Data Killers, PC Recycler offers on-site and off-site shredding services to businesses.

It’s more than a little daunting to think about where your last computer went and who’s using it, especially if all you did was reformat your hard drive before donating your computer to Goodwill or selling it to a pawn shop. Individuals and small-business owners who want to ensure the data on their hard drives are forever inaccessible, could use software like WipeDisk or Freeraser to wipe their hard drives themselves if they don’t want to hire a shredding service. But for leaders in larger businesses, hiring a service like Data Killers or PC Recycler to come in and do the wiping or shredding for them really is money well spent.

Sophos’ Security has released their round-up of the most prominent threats of the last year and a look ahead at what to expect in 2012.

This is a fairly long read, however we urge you to chip away at it when you can. Every business owner should all be keenly aware of the security threat landscape. Ultimately it will help us protect our systems (both in the office and at home) more effectively.

As always, please contact your trusted IT security team with any questions or concerns.

Download the report - Sophos Security Threat Report 2012