With more than 4 billion internet users currently worldwide, the internet is an incredible way for people to stream information and for businesses to make immense profits through online services and sales. It's also the leading cause of security breaches that put 61 percent of small businesses out of business within six months of a cyber attack.
UPS Capital reported that 90% of small businesses don't use any data protection at all for company and customer information. If you're not protecting your business, employee, and customer data - how will you stay in business when you face a cyber attack?
We've compiled a list of questions for business owners to ask about your business, employees, and customers' internet use in relation to your business. It is not to make you feel bad or invoke fear but to help you check the systems you have in place at your business to ensure you're doing all you can to secure your business and employees' livelihood.
- Are your company domains safe?
- Is your internet browser safe?
- Do you have an SSL certificate on your site?
- Are your employees only visiting sites with SSL certificates that are considered "secure"?
- Are your employees trained to know how to identify spam email addresses, links, and downloads?
Even if you have an SSL certificate on your site - Surprise! You're still at risk for a breach on your domain. Dating back to 2014 through September 2018, the Starwood brand of hotels (Marriott, Westin, St. Regis, Sheraton, and more) exposed their database of more than 500 million customer accounts and over 327 million likely had their information copied by hackers. The information obtained was personal, financial, and travel information.
If you or even just one of your employees stayed at this chain of hotels, used the same password to login to their Marriott account as they did for one of your business accounts, it would be easy for one of these hackers to obtain access to your business data. You want to ensure your employees are trained on standard password practices and that they understand the risk of using easy-to-guess or likely compromised passwords.
- Are your customers entering into a portal on your site?
- Are you sure that customer portal is safe?
- Are your eCommerce sites protected against credential stuffing and Cryptojacking malware?
In December 2017 through January 2018, two employees of Children's Mercy Hospital were initially lured in by an email phishing attempt that resulted in 63,000 exposed patient accounts and personal health information. And, in November of 2018, The Make a Wish Foundation suffered a severe Crytpojacking attack through their website dating back to earlier in May of the same year. Individuals who visited the site were also being used to mine CPU power through the affected donation platform on their website.
We hope to help small business owners understand that they take by not making cybersecurity a key priority of their business continuity plans. Our Data Privacy resources can help you identify weaknesses and provide strategies to keep your business data secure as hackers are becoming increasingly better at obtaining your data.
If you have any questions and would like to understand how secure your internet data privacy practices currently are, get your Free Cybersecurity Assessment for your business today.