For small and midsize business (SMB) owners, a strong internet connection isn’t a luxury--it’s a necessity. It’s what enables these companies to work more efficiently and reach broader markets. Yet, with all the benefits come considerable risks. “Small business owners increasingly rely on digital technology and internet to run their business. And as part of that, there is sensitive or confidential information about their business, employees, and customers they want to protect,” says Sukhjinder Singh, senior director of product management at Comcast Business.

As technology improves, scammers are coming up with more sophisticated strategies for pilfering data. And while many smaller businesses don’t have the IT resources that larger companies enjoy, there’s plenty they can do to help protect themselves and their sensitive data. Here are five steps every business should consider.

1. Understand your risk.

While small businesses might assume hackers primarily target larger enterprises, it is highly likely a small business will be subject to cyberattack. “Worldwide, what we see is that about 1% of devices end up becoming infected by some kind of two-way communication malware, about one in 20 are affected by a phishing threat, and one in 10 are affected by malware,” says John Arledge, vice president of Akamai Technologies, a cloud services and cybersecurity company based in Cambridge, Massachusetts. “About 50% of small businesses experience at least one of those attacks in any given quarter.”

Small businesses must be aware of what kind of data they store, where it’s stored, how it’s accessed and shared, and by whom. A comprehensive understanding of this information allows you to implement effective measures to protect your organization’s sensitive information, such as customer data, employee records, and intellectual property.

Arledge adds that companies may also want to put highly sensitive data under an additional lock and key, giving access only to authorized people. “That way, even if a server or database gets compromised, it’s hard for an attacker to recover any information.”

2. Consider cloud-based solutions.

In today’s hyperconnected world, most small business owners and employees access information stored in the cloud from multiple devices and locations at all hours of the day and night. Each of these points of access create potential weaknesses that cyber criminals can exploit. “Being able to protect devices no matter where they are and no matter what access network they’re using--whether Wi-Fi or mobile--is becoming more and more important,” Arledge says.

A cloud-based cybersecurity solution is a cost-effective way to provide security across devices without additional IT staff and on-premises security hardware or tracking down employee devices to install security software.

3. Get educated.

Providing cybersecurity training to employees can help small businesses give their employees the knowledge and skills needed to identify and mitigate potential threats. “Humans need to be the first and last line of defense, especially in small businesses,” Arledge says.

That training should include helping employees recognize phishing attempts and how to avoid suspicious downloads. It also should cover the importance of strong passwords and multifactor authentication tools, and how to practice safe internet browsing practices such as always using secure websites. Online training resources are available to small business owners through the National Cybersecurity Alliance and the Small Business Administration.

4. Back up your data.

In addition to building defenses against cyberattack, it’s critical to have resources in place should one occur. Maintain backups of your data in a separate secure location where it can be retrieved in the event of an attack.

“Backups are cheap and can be automated,” says Lori Martinek, a branding and digital outreach consultant in the greater Phoenix area and a mentor with SCORE, an organization that pairs successful business owners with entrepreneurs. “If you get locked out of your system by ransomware, your backup is going to play a huge role in how you’re able to move forward and whether business can continue functioning--so never skip this step.”

For increased security, consider storing complete sets of data using multiple storage methods, including both external hard drives and cloud backups.

5. Insure against a cyberattack.

Once you’ve implemented a cybersecurity plan, consider further protecting your company with a cyber insurance policy that can help cover the cost of an attack if one occurs. When considering a policy, be sure it covers network breaches and data breaches involving theft of personal information, cyberattacks on data held by third parties, and attacks that occur globally, not just in the United States. You may also want to consider a policy that will defend you in the event of a lawsuit.

6. Find a "connectivity partner".

Finding reliable third-party security providers can be a critical part of a company’s cybersecurity strategy. They can offer small businesses solutions that help protect their network and stay informed when breach attempts occur.  “A connectivity partner can help small business who lack a lot of IT resources with easy-to-use solutions that are powered with the latest threat intelligence,” Singh says. “That can go a long way to help make sure your business and information is safeguarded.”

Get your new business ready to do business with connectivity from Comcast Business. Click here to learn more.

Originally posted on Inc,

https://www.inc.com/comcast-business/six-cybersecurity-measures-that-can-help-protect-your-small-business.html