Hackers are everywhere. What’s your security “Plan B?”

33471099_MEvery day your small business faces numerous security threats. Will yours be able to defend itself against the latest attack? Here are a few practical tips to take a proactive approach against potential security threats:

Control internal access. Adopt a policy that lays out clear boundaries for what employees can and cannot access. Privileges should be based on well-defined roles, which might limit access to administrator and/or root accounts. Of course you’ll want to ensure these passwords are not shared, are changed frequently, and you have measures in place to restrict or modify access. Create a policy that defines such actions and update it regularly. Don’t stop with current employees. Think about potential risks outgoing workers might pose. For this reason, implement confidentiality and non-disclosure agreements so they can’t walk away with company property or data and use it for unacceptable purposes.

Foster an environment of security. Make educational resources on security available to all staff. Sessions or workshops might provide an overview of logistics and basics of security, but also can address such topics as the psychology and known techniques of social engineering hacks.

Have a contingency plan in place. In the event of a security breech, any organization should have a “Plan B” ready to implement. A contingency plan can be executed in the event an attack penetrates the system and damages data or any other assets. This plan can prevent a business from having to temporarily shut down operations while resolving the problem. Its ultimate goal is to maintain the availability, integrity and confidentiality of data. According to Microsoft, the contingency plan should:

  • Address who must do what, when, and where to keep the organization functional.
  • Be rehearsed periodically to keep staff up-to-date with current contingency steps.
  • Cover restoring from backups.
  • Discuss updating virus software.
  • Cover moving production to another location or site.

In short, it’s best to not wait until it’s too late to take action. A proactive approach can save you a lot of headaches later.