I recommend reading over this CNBC article about the latest trends in small business malware attacks.
This is becoming more of a threat over time, and should concern all business owners.
The article unfortunately doesn’t discuss defense tactics that the average small business can perform. This is where having a security-savvy IT person comes in handy.
Cybersecurity Defense Priorities for Small Business
- Have good backups. Backups that are stored with an “air gap” between your business network and the storage media. Backups that are tested regularly to ensure that they can actually be restored.
- Deny an entry. Make sure all internet-connected computers at your business have antivirus and the latest patches. Invest in an email filter. Configure firewalls to only allow “normal” traffic patterns, both inbound and outbound.
- Separation. Use the principal of least-privilege so that even if something is accidentally executed, at least it will be executed as a user instead of an administrator. Individually firewall and protect your servers from the rest of the network.
Despite precautions, things can go wrong. Backups, good documentation, and a system administrator who can recover your network will give you options when responding. Don’t feed the wolves!