10 commonly overlooked small business cyber-security threats

10 Commonly Overlooked Threats to Small Business Cyber-Security

(and What HR Can to Do About Them)Joey V. Price

Jumpstart:HR, LLC

http://www.jumpstart-hr.com/

10) Disgruntled EmployeesEmployees who leave your organization OR despise working at your company can be subject to releasing confidential information at will.

What to do: While you can’t protect 100% against willful data breaches, having employees sign an NDA and reminding them of their NDA upon termination can help mitigate risk.

Jumpstart:HR, LLC | Managed HR Services for Small Businesses and Start-Ups | http://www.jumpstart-hr.com


9) Stolen/Lost Cell Phones and LaptopsWith many employees bringing their own devices to work, your exposure to risk increases with every stolen piece of technology that contains confidential information.

What to do: Have employees install software that erases data on their phones/laptops once reported missing.



8) Outdated SoftwareFrom Apps to Operating Systems, software companies release updates that help prevent against the most recent data threats.

What to do: Ensure that your team is running on the latest versions of software and make the time to back up data on at least a bi-weekly basis.



7) Lack of Cyber-Security ProtocolsIf your Cyber-Security game plan in non-existent then how can you plan for an attack? Pre- and Post- Threat protocols are your best bet in having reliable next steps that can help curb risk.

What to do: Create a cyber-security safety plan and train new hires and employees on an annual basis.



6) Lack of Awareness of Current ThreatsIf you haven’t heard of ransomware, then you might not be in the know regarding other new and noteworthy cyber threats. Ignorance is not bliss! Check out this ransomware horror story.

What to do: Stay current on the latest threats by reading blogs and following industry news alerts.


http://www.trendmicro.com/vinfo/us/security/definition/Ransomware

http://techtalk.pcpitstop.com/2014/10/21/ransomware-horror-story/


5) Human Error From setting passwords that are easy to crack to leaving computers unlocked in public places, human error accounts for over 95% of all cyber security incidents.

What to do: Train employees on proper safeguards that reduce human error such as password changes every 30 days and short-time frames for lock screens.


https://securityintelligence.com/the-role-of-human-error-in-successful-security-attacks/


4) Failing to Lock Up Confidential InformationThis isn’t addressing computer passwords and lock screens, but rather physical file cabinets. Are you sure that company passwords, financial data, employee files, and trade secrets are not haphazardly sitting on someone’s desk?

What to do: Train employees on proper safety protocol and walk around to ensure proprietary data is locked away.



3) Not Offering Cyber-Security TrainingHow can you expect employees to prevent threats if you are not teaching them how? An ounce of prevention is worth a pound of cure.

What to do: Create a training program for employees and new hires. Revisit this program every year and make sure it’s been updated to account for the latest technology and corporate policies.



2) Working Over Public WifiWe all love free wifi at places like coffee shops, malls and hotels – but are you aware of the security risks that you may be subjecting yourself to?

What to do: Above of all, assume no privacy while browsing online so be careful not to transmit passwords or other sensitive data while browsing on free wifi.


http://www.usatoday.com/story/tech/2013/07/01/free-wi-fi-risks/2480167/


1) Belief That Cyber Security Can’t Be CompromisedBelief that you have an impenetrable fortress in your IT practices is a mindset that is sure to leave a security risk exposed for too long. This list should have provided some area of growth in your cyber-security protocol and training so be wise to take heed!

What to do: Set aside time to truly evaluate risk in your organization and contact professionals in the event that you need advising or support.

