Your small business should care about its cybersecurity as much as Fortune 500 companies do. And just in case you're wondering, your business can always do more to beef up its Internet security profile.
Not only can focusing on cybersecurity save employers money and boost goodwill, it can help prevent businesses from being sued after a cyberattack.
Check out these five legal tips to improve your small business' cybersecurity:
- Need legal advice on how your small business should operate? Consult with an experienced business attorney about your options.
1. Be a Password Prince.
Being a password prince requires you to hold dominion over all passwords that allow access to your business' network. Be a wise and just ruler by following the following tenets:
- Employees should change passwords at least every 90 days;
- Passwords should contain both upper and lowercase, numbers, and special characters (e.g., "!" or "#"); and
- Employees should be cautioned against using the same password as their personal online accounts.
2. Be Firm With Vendors on Cybersecurity.
While you may have your business' cyberhouse in order, your customers will be no less aggravated if their personal information is compromised by a third-party vendor. You can demand proof of a vendor's cybersecurity measures, or your business can add a cybersecurity clause into your vendor contracts. Just make sure your next vendor isn't going to leave you liable for a data breach.
3. Use Two-Step Authentication.
Many security solutions use two-step or two-factor authentication to prevent cyberattacks. Google's two-step verification is a good example. This extra layer of security will ensure that your employees cannot log into company accounts without a special code or token sent to their mobile devices.
4. Secure Your Network and Website.
Your business should be employing some sort of Heartbleed-tested SSL protocol to secure your company's site. SSL encryption not only fosters consumer trust with sensitive data, but it also allows employers to defend against negligence claims for data breaches. The same can be said for your in-company network: It needs to be password-secured. You can continue to maintain a free "guest" Wi-Fi for customers if you're careful.
5. Invest Training, Hiring Resources in Cybersecurity.
Don't have a dedicated IT professional? Your small business should at least consider outsourcing the position. Employers should spend time training employees to avoid phishing attempts and other cyberattacks. You can't be the cybersecurity watchdog for your entire business, so you need to train and delegate.
Follow these tips and you can keep your small business' cybersecurity current and effective.
- Seven Tips for Small Business Security (The Huffington Post)
- Want Secure Email and Cloud Storage? Do the Two Step (FindLaw's Technologist)
- Why Are Small Business Cyberattacks On the Rise? (FindLaw's Free Enterprise)
- iPad POS Systems Touch On a Few Legal Concerns (FindLaw's Free Enterprise)