October is Cyber Security Awareness Month—a time dedicated for small businesses to focus on addressing issues with their computer and network security. Make no mistake about it, small business merchants are squarely in the crosshairs of cyber criminals for two reasons. One, their information (credit card data, bank information and personal information) is just as valuable as bigger merchants, and two, the very fact that SMBs don’t have a huge cybersecurity IT team makes them easy targets, and cyber criminals exploit this regularly. The numbers bear this out.
Overall, nearly half of all cyberattacks (43%) target small business. The consequences of these attacks are significant. Companies spent an average of $879,582 because of damage or theft of IT assets, and disruption to normal operations cost an average of $955,429. It’s clear the problem isn’t going to go away on its own. Thankfully, there are definite steps you can take to protect your business—and your customers—from the threats of cyber attacks.
Obviously, the best way to survive a cyber security breach is to not be involved in one in the first place. But with the proliferation of hackers and cyber crime, it’s becoming more and more difficult to avoid. We’ve all heard the phrase, “failing to plan is planning to fail.” It’s especially true when it comes to cyber protection. Assess your company’s cyber security risks and be aware of the realities of the latest threats. Then, know how to respond in the event of a breach along with the proper ways to recover and mitigate the damage from cyber attacks.
Yes, this really is still an issue. And the reason is twofold. Sixty-five percent of SMBs that have password policies say they do not strictly enforce them. Luckily, the fix is pretty simple. Making a strong, easily remembered password is as easy as stringing together a few words—with spaces—that have significance to you. In fact, it makes more sense to call this updating your pass phrase. Multiple word phrases are far harder to break than single word and number combinations. Considering that 4 out of 5 breaches were the result of stolen or easily guessed passwords, the importance of taking this step can’t be overstated.
Lots of merchants drag their feet on this step because it requires buying a new device. But what a lot of small business owners fail to realize is that they really can’t afford to NOT upgrade their device. If you don’t upgrade, are stung by fraud, and are found not using the latest standard in cybersecurity, i.e. a chip reader, the business itself is liable to cover any losses incurred. In other words, not upgrading exposes you to potentially unlimited losses from fraud and could, quite simply, wipe your business out. It’s no joke and worth the investment.
Clover has a full suite of POS devices that can get you fully PCI and EMV chip compliant, each of which comes with built-in Clover Security. With the included end-to-end encryption and tokenization, your customers’ data is virtually unreadable, giving both you and them peace of mind.
It’s the responsibility of the merchant to educate and train their employees (and contractors) into proper protocol and data handling procedures. Show them what to look for and teach them how to steer clear of potential land mines in things like phishing schemes or dangerous web practices. Then, review these instructions frequently. Hold quarterly updates to refresh and re-emphasize the importance of adhering to best practices.
With a comprehensive plan in place for your computer and network security, updated passphrases, upgraded POS systems and well-trained employees, your business is well on its way to improved cyber protection.
[image: Malware Infection by Blogtrepreneur on flickr]
Sign up and learn more about Clover.