When picturing a business, what image comes to mind? Perhaps a store with a cashier and a line of customers? Maybe an active warehouse with forklifts and large machines? Or maybe an office with desks, phones, and several people in suits and ties?
Regardless, all of these business types share a common theme: tech.
Great businesses are always in the process of growing, upgrading their tech, and keeping their data safe. As a business owner, you know how quickly the market changes and how high the need for new devices can be. When growing your brand, you want a security solution that protects what you have built so far
Luckily, you don’t have to do anything hard to ensure the safety of your business data. Below, we’ve compiled a shortlist of simple ways you can protect your tech.
Turn Your Receptionists Into IT Nerds
This is a bit of an unorthodox suggestion, but to give your IT employees more time to focus on security initiatives, you might want to train your non-IT employees to do their own basic technical troubleshooting. It at least makes sense from a financial standpoint in some cases – you train a $15/hr receptionist to troubleshoot their own computer instead of having a $35+/hr IT admin do it for them all the time.
Some of the things you can teach your non-IT employees to do include:
- Select strong passwords, and don’t reuse them
- Try restarting your computer if it runs into issues (same with devices like printers or, if you’re working from home, like modems and routers)
- Check and track your storage space to ensure you aren’t running low
- Change the applications that launch at startup to reduce boot times
- Isolate issues by thinking of what has changed recently that may have caused the problem (Did you download and install a new application? Did you change any of the computer’s settings? etc.)
- Look up IT problems on Google to see if there are any quick and easy fixes
Of course, doing something like this could easily backfire. Your IT people could end up having to spend more time fixing the “solutions” of your non-IT people than they would having to solve the original problem. But if your IT team is particularly short-staffed, or maybe your non-IT employees have nothing better to do, and you’re open to trying out bold ideas, it’s an option.
Protect Your Cat Meme Emails
You might not think of emails as a top security priority. For the most part, it’s just a lot of back-and-forth perfunctory office chatter, maybe a funny cat meme or two (or whatever the current equivalent is), and a lot of worthless spam.
One reason it’s important is that email is a top source of malware and social engineering hacking attempts. Sometimes these malicious emails are easy to spot, but other times they’re well-disguised as resumes, invoices, Dropbox links, or other communications that you wouldn’t consider out of the ordinary to receive unsolicited.
Another reason is that, for some, email is the preferred medium of communication for a lot of important information. People send important info like passwords, credit card and bank account numbers, trade secrets/intellectual property, and business plans via email. These email accounts (both the sender and the receiver) can be hacked, and emails can potentially be intercepted.
We have a blog that goes into detail on email security best practices for businesses. These are the top practices to implement:
- User education
- Email security gateways with spam filtering and data loss prevention
- Endpoint and server antivirus
- Patch management
- Blocking of certain types of files from outside the organization
Make Copies of Your Malware
Strike that – obviously you want to make sure that you back up all your data except malware.
This isn’t as simple as it sounds. With a form of malware called cryptoviruses or ransomware, for example, the malware encrypts all of the data it has access to.
The only way to recover (aside from paying the ransom and receiving a decryption tool, which may not work and may be illegal to do in some cases) is to restore your files from backups, but if you only have one copy of your backups and your system is set up to automatically back up or sync data, it may already be too late – your backups could be encrypted now, too.
That’s why it’s important to both:
- Keep your production data and your backup data “gapped”, so you can pause the backup process if the production data is encrypted or infected
- Keep multiple versions of backups if you can afford the storage space, so even if one backup gets encrypted or infected you can restore from a different version (though you would lose the new data created between one backup version and the other)
Hire a CIO – or Someone Pretending to Be One
Of course, not every business can afford to hire a bonafide, Fortune 500-level Chief Information Officer, which according to Indeed receives an average salary of $130,000 per year.
That’s not really the point, though. You should consider a CIO more as a role or set of responsibilities than as a position or person. The CIO’s job is to provide strategic IT leadership and oversight. Anyone can take this role, whether it’s your MSP, your just-out-of-college IT admin or technician, or even the business’s owner.
The goal is to avoid the attitude that IT’s role is just to maintain the status quo and “fight fires”. IT should have long term plans and objectives for itself, as well as a clear vision of how it will help the business as a whole succeed in the long run.
For example, for itself an IT department might have objectives of rolling out new remote monitoring and managing tools and reducing its response and resolution times to a certain point. It may also have the goal of moving their IT infrastructure to the cloud to give the business the scalability, reliability, and global accessibility it needs to grow.
Obviously, a Fortune 500 CIO will do a better job of this kind of strategic planning and project management, since they have the knowledge, experience, and no other responsibilities to deal with (aside from the inordinate amount of golfing that such positions “require”). But any IT leadership is better than no leadership, and an MSP or entry-level admin should fill this role just fine for most small- and medium-sized businesses.
Hire a Complete Stranger to Do It
Of course, every aspect of small business security discussed so far comes down to having great people on your side. A great IT department must be focused, vigilant, and adaptive – ready to meet any challenge. The same can be said about an effective CIO.
However, getting a band of IT specialists together is hard. You must spend months interviewing people, training the ones you hire, and making sure they work well together. Instead of going through the hassle, smart companies invest in Managed IT Services.
By outsourcing your IT services to specialized companies, you ensure that you have a dedicated staff of professionals organizing, monitoring, and protecting your data. While your IT team works, you can focus on the other aspects of your business and facilitate further growth.
At XO, the security of your business is our top priority. Our dedicated team of modern IT professionals are eager to learn about and work with your business. Whether you operate in the cannabis, construction, or retail sector, we’re here to help you meet all your business security needs. Set your business on the secure path, contact us today!