Client records, accounting history, secrets to the trade – what would happen to your small business if it was all stolen or you suddenly couldn’t access it? For many small businesses, the issue of cybersecurity is often eclipsed by other business priorities that hoard the company budget. Particularly here in British Columbia

New data from an ESET and Ipsos survey found that, BC small businesses:

• Were the least diligent in terms of standard security practices like backing up files, frequently changing passwords and educating and auditing employees on proper security practices.
• Had the highest rate of any province for having proprietary and/or customer data stolen in a cyberattack.
• Scored the lowest in terms of adding and/or upgrading their security solutions after an attack.

Why Would Someone Target a Small Business Over an Enterprise Organization?

Your small business handles the same sensitive data that cyber criminals target in larger organizations. And because small businesses tend to have a lower level of protection with less sophisticated security solutions and policies in place they are unfortunately an easy target for many hackers.

And the impact can be substantial. With no back-ups, contingency plans or financial reserves in place to support their businesses being offline, it can mean a real loss to your business. When asked how long they could function without access to files and data? Sixty-five per cent of Canadian respondents said for only a few hours or days, and 15 per cent said they’d cease functioning immediately.

How to Stay Safe from Cybercrime

At the end of the day, there is no magic one-size-fits-all solution that protects every type and size of business, but here are a few things to keep in mind:

• Antivirus or Endpoint Security – You would think all businesses have antivirus these days, but they often don’t have the right product, haven’t renewed a subscription or updated to current versions, or have overlooked habits of employees bringing their own devices to work. Make sure you have the right protection for the technology your company is using and that it’s being updated regularly.
• Backup, backup, backup – You hope for the best, but sometimes despite your best efforts, the worst happens. What can you do if your business becomes the victim of a cyber attack? If you’ve been backing up your files regularly, you should be able to recover and restore your systems with as little down time as possible. Always be backing up!
• Policies and Education – Your employees are both your best asset and your biggest risk when it comes to cyber security. Many breaches are due to human error. If you’re not implementing basic security procedures and educating your employees on the threats, you can’t expect them to know how to respond to a cyber attack. The safety of your business is worth putting a few guidelines in place and making sure staff understand their role in protecting the business. Something as simple as requiring strong passwords or passphrases on all devices, and requiring them to be changed frequently, can go a long way.