As, small businesses continue to be a target for cyber-criminals, small business owners also struggle to find resources to combat the attacks. However, there is a cost effective measure within an owner’s control they could put into use right away.

A recent study found three-quarters of the businesses surveyed had experienced a cyber-attack in the previous year. Phishing and social engineering attacks and scams were the most common form of attacks. Another popular method cyber-criminals used is gaining access to files and records through a malicious website.

According to the study, the average cost of a cyber-attack on a small company is around $200,00 and about 60 percent of those businesses close within six months of the attack.

Employee Behavior

Cyber-attackers go after the easiest targets. Namely, small businesses, municipalities, and government entities historically known to have limited resources devoted to cyber-security.

Additionally, small businesses that cannot devote sufficient resources to protecting their systems and data may wish to consider other ways to limit risk.  These include prohibiting employees from accessing websites or emails for personal reasons during working hours. Employees are putting companies at risk by surfing the web while at work, and clicking on malicious emails. Stopping risky digital behavior is no different than prohibiting other forms of risky behavior in the working environment.

Employees’ behavior, often results in cyber-attacks. This is true even with securing the perimeter with firewalls, spam filters, and black listing. Employees cause a large majority of security incidents or breaches. They are more inclined to click on malicious websites, or are duped into opening a malicious email.

The Solution

Small business owners do not allow employees access to their personal emails and websites while on computers, cell phones, tablets, or other hardware which is linked to the company network.  A protocol such as this should be discussed during the hiring process, and memorialized in your employee handbook. Additionally, you should implement this policy company wide and as soon as practical.

In medieval times many castles under siege fell, not because the attackers breached the walls; they were let in from someone on the inside.

Contact me if you need help with with your business or making changes to your employee handbook.
email: paul@pmillerlawoffice.com  phone: (303) 900-2529

This article is for educational purposes only, and does not constitute legal advice about your case or situation. There may be exceptions to the information outlined above. Please consult an attorney if you have specific questions about your business.