Running a small business requires you to be a jack of all trades. Not only do you have to specialize in your own field, you have to be an accountant, human resources specialist, payroll guru, recruitment agent, and client specialist – not to mention an expert in online safety and cyber security. Everything else falls by the wayside if you become the victim of nefarious cyber attacks.

You might find yourself minimizing the issue, thinking, “I’m such a small player, no one will bother with cyber attacks on my business.” This could not be further from the truth. Hackers and online criminals often look to target small businesses over larger corporations, realizing that they are often less prepared to defend against attacks.

Cyber attacks are often used to obtain credit card information, personal data, and steal the identities of your clients. Could you imagine the damage to your good name and your business if you allowed hackers to steal your clients’ information? You need to take action now to protect your business against cyber attacks.

Watch out for phishing emails

While you might assume that your employees know not to open any suspicious emails, hackers are getting more and more sophisticated. Phishing emails are increasingly convincing, and even people who think they are savvy can end up opening them and falling prey to cyber attacks.

Phishing emails often target people in specific roles in your company – check out Entrepreneur’s article, “5 Types of Employees Often Targeted by Phishing Attacks.” Get prepared, and stay vigilant.

Install the best anti-virus software on the market
While you can educate your staff with training about how to avoid phishing emails, the reality is that the best cyber criminals can still get through your best educational efforts. In order to protect your clients’ information and keep your business safe, you need to invest in the best anti-virus software that you can afford. Pay special attention to expiry dates, and don’t let your coverage lapse at any point.

Use a Business VPN

A VPN can be used to establish secure connections between remote users and the entire corporate network back at headquarters. By doing so, it ensures that no malicious parties will be able to intercept sensitive data as it transmits through online channels. A VPN also helps to protect against internal threats, such as a disgruntled employee who might try to access company data from home or an outside network. In this case, it is important that the VPN encrypts all of the network traffic traveling between the remote computer and the organization’s servers.

In fact, a VPN should be implemented in tandem with Multi-Factor Authentication (MFA) measures, which are another form of security best practice. MFA involves using an additional layer of authentication when logging into a system, usually through an app on a mobile device or by entering a PIN number. If you are using a Fortinet VPN, you should secure your access with a Fortinet MFA solution. Many businesses already use this sort of secure access for their employees, however, it can also be beneficial for you to start using it if you want to keep your business security in place.

Install a firewall as soon as possible

While your anti-virus protects from malicious attacks that infect your systems from within (as in a successful phishing attack), you should also have a firewall to protect your data from an exterior attack. The Federal Communications Commission (FCC) recommends that all small businesses install firewalls to prevent cybercriminals from accessing your valuable information. If you (or any of your employees) ever work from home, you need to also install a firewall on your home computer and laptops.

Ensure that your employees change their passwords regularly

Secure passwords are one of the most important aspects of keeping your business safe from cyber criminals and attack. While your employees might find the process of changing their passwords every 60 to 90 days time consuming and annoying, you must ensure that that they are doing so. The Verizon 2016 Data Breach Investigations Report shows that a staggering 63% of data breaches and theft occurred because of weak, stolen, and lost passwords!

Passwords must be complex to be strong

It’s not enough to simply change your passwords regularly – the passwords should be varied, complex, and unique. “The more complex and varied the combination, the stronger your password is, and the safer you are from having your information or account stolen.” Your employees’ passwords should be a combination of numbers, upper and lowercase letters, and symbols.

Multifactor (2-factor) identification is an important additional step

According to PC Week in their article “10 Cyber Security Steps Your Small Business Should Take Right Now,” every small business needs to implement multi-factor identification. Use your employees’ cell numbers to act as a second form of identification, preventing cyber criminals from accessing their log-ins and PINs.

Cyber security should be your top priority

While you might get caught up in the day to day minutiae of running your business, filling orders and dealing with clients, you need to ensure that your security remains a top priority. In addition to making cyber security one of your main concerns, you also need to educate your employees and keep them up to date on all the ways that they are vulnerable online.

Education, 2-factor authentication, firewalls, anti-virus software – you need to stay on top of it all. As cyber attacks get more sophisticated, you need to outfox them every step of the way.