From making sure that nobody is doing Zoom calls in their bathrobe to ensuring that work actually gets done on time, you’ve got a few extra things to worry about as a Indianapolis business owner these days.
Chief among those new concerns, however, should be cybersecurity.
Cybersecurity steps are one of those painful, annoying topics that nobody wants to think about in a small business environment (kind of like *ahem* taxes and accounting) … but one that rears its head as a terrible, business-killing beast when left unattended.
There’s an entire slew of “information security” concerns that may not have been top of mind back when all the files and sensitive data were locked up nice and tight back at the office, but should be at the forefront now for all Marion County business owners.
Before we dive into that, though, a quick reminder on an important business tax deduction…
As your favorite Indianapolis restaurants re-open, don’t forget that recent stimulus legislation bumps the business meal deduction all the way up to 100% for both takeout meals and meals consumed at the restaurant.
If you’re traveling for business or take a customer or prospect out to eat, that totally counts. What doesn’t count are prepackaged foods, such as prepared sandwiches and wraps, that are purchased from places like Marion County convenience stores.
During that customer meeting at your favorite local eatery, let’s delve into some important tips that you should pay attention to before connecting to the restaurant wi-fi (among other things) …
5 Cybersecurity Steps all Indianapolis Business Owners Should Take
“You may have to fight a battle more than once to win it.” – Margaret Thatcher
Whether your Indianapolis business is in full-on work-from-home mode, or your business is such that this is a totally foreign concept, the reality is that cybersecurity steps are something you absolutely need to address.
Your office computers, employee laptops and tablets, cloud services (which can be accessed remotely), and even company cell phones all have an insane amount of information on them that hackers would love to get their digital hands on. Along with customer credit card numbers and employee SSN’s and DOB’s, your digital records contain a wealth of valuable information. Even something as seemingly innocuous as customer estimates and invoices can look like hidden treasure to the world’s digital pirates.
Taking basic cybersecurity steps is cheap protection against potentially embarrassing and expensive data breaches.
If you do have employees working remotely, it’s your responsibility to protect customer and employee data. Just like the IRS sets minimum requirements for us to protect YOUR private information, you should also set minimum standards for cybersecurity in your own business.
A recent study by Shred-it (business document destruction company) stated that a whopping 96% of American consumers consider a business’s employees to be the largest risk factor for a data breach. So, how do you put your Marion County customers at ease, do the right thing, and help prevent data breaches and ensuing expensive lawsuits?
Step 1: Have a Written Policy
The first of the five cybersecurity steps you need to do in order to protect against data breaches is to have a written policy at your Indianapolis company about data security. You need to put rules in place that both protect data and prevent your employees from taking shortcuts that put valuable information at risk.
For example, you’ll want a policy that covers minimum password complexity as well as a process in place for ferreting out all those “abc123” and “password” passwords.
Your written cybersecurity policy should outline the basic things your staff should do to keep things secure. Be sure that your policy includes the use of proactive defenses like anti-virus/anti-malware scanners, drive encryption, and software firewalls.
You’ll also want to specify what software programs and apps are okay for your employees to use when accessing company information.
Step 2: Use Secure Connections
Using secure connections is the next one of the cybersecurity steps to take. One of the most common ways that criminals access company data is when employees are using unsecured, public Wi-fi networks, and that includes those in Indianapolis.
Even if they’re at home, most people don’t properly secure their home routers. It is essential to provide some level of technical support, at company expense (deductible, of course!), to help at-home employees secure their Wi-fi connections.
You should also consider subscribing to a secure VPN service. These services are affordable and provide a secure “tunnel” between an employee’s home internet and your business network. Make sure to choose a service that uses top level encryption across the entire span of that “tunnel.”
Step 3: Use Password Managers
Of the many cybersecurity steps you should take, this might be the most important one across the board.Weak passwords (remember “abc123”?) are everywhere. This tends to be one of the weakest links in cybersecurity, especially for small Indianapolis businesses. With all the services and software that your business runs on these days, your employees likely have a metric boat load of passwords that they can’t possibly remember.
Which means they are probably “recycling” their passwords. (Yeah, that’s not a good thing.)
While choosing more secure passwords is a good starting point, it may be worth investing in a password manager for every member of your team. Tools like LastPass and 1Password are very affordable and go a long way with helping your employees create secure, unique passwords for all the services they need to access.
Step 4: Use 2-Factor Authentication
Two-factor authentication (or 2FA as the cool kids call it), adds a layer of security on top of passwords. Even if a password gets hacked, 2FA is one of the very difficult cybersecurity steps to hack.
2FA requires that you enter a code to access an online service. This code can be sent as a text message to an approved cell phone or can use a special security fob that shows a number which changes frequently. Some new systems may also use fingerprints or retinal scans to ensure the right person has access to company data.
Step 5: Install the Updates
Have you ever skipped a software update that your computer is demanding that you install? Yeah, so has everybody else.
But you really shouldn’tskip this one of the cybersecurity steps, and neither should your employees.
Keeping software up to date is important for preventing data breaches. These updates frequently eliminate known vulnerabilities in software. The only way you’re protected from certain types of cyberattacks is to close that door by installing the update.
Maintain Security Awareness
While a lot of these techie things may sound overly complicated at first, they become second nature once you and your employees start using them. With proper education, the right policies, and with you setting the example as the owner of the business, your team can easily embrace the basic steps that will prevent the vast majority of data breaches.
From a purely financial perspective, it’s also just cheaper to put these protections in place than it is to defend yourself against a lawsuit in the event of a data breach. So, if nothing else, take these cybersecurity steps because of the money. 🙂
John R. "Rusty" Helms