If you could prevent a risk that had a 70 percent chance of putting you out of business, would you? About that percentage of small businesses close within a year of suffering a computer system breach.
Here’s another stunning fact: The average cost of a cyberattack to a small- to mid-sized business is $188,000, according to a study performed by Symantec last year. Can your business take that kind of hit and survive?
"But who would want to attack me?" a business owner might say.
The majority of cyberattacks aren’t personal. Hackers often prey upon small businesses because they generally aren’t as well-equipped to resist attacks or monitor their systems for intruders. This makes it easier for cybercriminals to infiltrate their systems as well as get away with their crimes.
While breaches at banks and computer firms make headlines, cyberattacks against small businesses are skyrocketing. Cybercrime increased sixfold in 2011, with nearly two-thirds of the attacks aimed at businesses with fewer than 100 employees. Credit card companies estimate that nearly 95 percent of credit card fraud involves small businesses.
These tips can help a small business improve its security posture quickly at little or no cost:
» Eliminate your wireless network if you don’t really need it. Misconfigured wireless networks are the biggest hole in most small-business networks.
» If you need a wireless network, configure it with a strong administrative password (not the default). In addition, require a password to connect to it and enable the strongest encryption the device supports. Look for WPA or WPA2 at minimum, and avoid WEP, which is outdated and easy to break.
» Make sure your point-of-sale system has basic security controls and is "Payment Card Industry Certified." Using an older system that’s not PCI compliant can leave you open to fines and lawsuits if credit card information is stolen.
» Require individual log-ins and strong passwords (for example, at least eight characters with a mix of letters, numbers and symbols) that expire within 90 days on all computer systems.
» Run anti-virus protection on all systems, including mobile devices such as smartphones, and keep it active, as thousands of new viruses are released every month.
» Install a firewall on your Internet connection. This will stop the bulk of intrusive attacks. Many Internet service providers offer a managed firewall service for a small monthly fee.
» Update all computers on your network frequently. Most software manufacturers, including Microsoft and Apple, release monthly security fixes. If possible, configure your system to check for and install updates automatically.
» Back up your data. About 40 percent of small businesses don’t, making them vulnerable to hackers who encrypt critical data and then extort money to decrypt it. But beyond the criminal element, a hard disk dies every 15 seconds. Relatively inexpensive backup solutions can effortlessly copy critical data to storage facilities maintained on the Internet or "in the cloud." Depending on the volume, it may be free or just a few dollars per month.
———
Beau Monday is an information security officer at Hawaiian Telcom. Reach him at Beau.Monday@hawaiiantel.com.