Are you a legal professional? Visit our professional site

Search for legal issues
For help near (city, ZIP code or county)
Please enter a legal issue and/or a location

After a Cyberattack: 3 Simple Ways SMBs Can Re-Establish Security

Article Placeholder Image
By Brett Snider, Esq. on November 19, 2014 8:37 AM

When hackers compromise your business' systems, you may want to bring every cyber-facet of your company on full lockdown.

That's certainly what the U.S. State Department recently did after it learned that cyberintruders had infiltrated an unclassified email network used by President Obama's close circle of aides. Your company may not have the resources that the federal government commands, but there are some hard lines you can draw to re-establish security after a cyberattack.

Here three all-or-nothing hacking remedies you may want to consider:

1. Shut Down Office Email, Move to Public Email.

Attacks on your business' digital assets can easily come through a compromised email system. The Associated Press was briefly brought to its knees by a "spear-fishing" email attack, and even with adequate training, your employees might let similar types of malware slip into company inboxes.

Your company may wish to follow the U.S. government's lead: Have employees temporarily abandon your business' proprietary email servers for public email services like Gmail. The Telegraph reports that this is exactly what some U.S. diplomats were forced to do following the cyberattack on the State Department. Gmail has two-step authentication, which all good enterprise cloud services should have, to keep out most cyber intrusions.

2. Crack Down on Wi-Fi Use.

Employees can pick up a computer virus while on corporate travel just as easily as a new strain of the flu. And while you're somewhat limited in forcing your employees to stay home when they're sick, you can control how your employees connect to the Internet.

Start by requiring that employees only use company-provided connections while in the office (Ethernet and protected Wi-Fi), and that they not connect to public Wi-Fi on work devices. Hotels and conference centers may offer semi-public Wi-Fi, but with hacks like "Darkhotel" circulating, your business might want to stick completely to trusted networks or cellular data.

3. Require Vendors to Sign-Off on a Cybersecurity Clause.

Many cyberattacks are accomplished through third-party vendors that have access to your business' information but may not share your zeal for security. You may want to require all vendors to prove they are shored up against cyberthreats before contracting with them, and include a cybersecurity clause that protects you from being liable if the vendor is breached.

Many of these measures may seem drastic, but bringing your small business back to normal after a cyberattack may require them.

Follow FindLaw for Consumers on Google+.

Related Resources:

Find a Lawyer

More Options