It’s a well known fact that SME owners put their blood, sweat and perhaps even a few tears into building their businesses. And with all this hard work it really is a dream come true to see it all paying off one day. But how many have stopped to think about some of the more frightening realities of SME ownership? I’m guessing that few have considered how one security attack could easily take it all away.
We read nightmare stories in South Africa of people’s bank accounts being cleared out through online scams and the Symantec Intelligence reports over the last three months has ranked South Africa in the top ten in the world for phishing attacks and virus rates. We also know that cybercriminals favour SMEs because they tend to have more money in the bank than individuals and much less cyber defenses than a larger company.
The threats out there are very real and ignoring them could cost you your business. So how do you protect yourself? Here are six tips to help you avoid the malware and cyber scams that are increasingly targeted at small businesses just like you:
Use common sense: Delete dubious attachments – especially if they’re from an unrecognised source. For example, don’t download tempting animations on a site that looks highly unprofessional. And don’t click on links in messages that seems strange or out of character, even if from a known “friend”. A common method used by attackers is to pose as a friend and send messages to users with files that are infected with malware.
Be smart when downloading: Symantec’s latest Internet Security Threat Report shows that the number of daily Web-based attacks in 2010 was 93 percent higher than in 2009. This reinforces the need to avoid downloading files you can’t be sure are safe, including freeware, screensavers, games and any other executable program – any files with an “.exe” or “.com” extension, such as “coolgame.exe.” If you do have to download from the internet, be sure to scan each program before running it. Save all downloads to one folder, then run virus/malware checks on everything in the folder before using it.
Be careful with email attachments and links: The April 2011 MessageLabs Intelligence Report indicates that 1 in 168 emails contain malware. Scan all incoming e-mail attachments for malware, even if employees recognise and trust the sender. Attackers increasingly employ very targeted methods in which they research key victims within each corporation and use tailored social engineering attacks to gain entry into the victims’ networks. Malicious code can then slip into systems by appearing to be from a familiar source. Also, be sure e-mail programs don’t automatically download attachments. Refer to your e-mail program’s safety options or preferences menu for instructions.
Use a reliable security solution: Today’s security solutions – whether delivered as software or hosted services – do more than just prevent viruses. They scan files regularly for unusual changes in file size, programmes that match the software’s database of known malware, suspicious -mail attachments and other warning signs. It’s the most important step small businesses can take toward keeping computers clean of malware.
Stay up to date: A security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are born daily, and variations of them can slip by software that is not current. The good solutions make this seamless, but if you want to alleviate this burden all together, you can also use a hosted service, which will automatically update and occur transparently over an internet connection to help keep employee systems current and consistent with policies whether they are in the office or on the road.
Educate: Be sure to educate your employees on these points and implement policies that ensure that your company is following these guidelines. It may take an investment of time and money at the beginning, but these preventative measures will save even more time and money in the long-run. Don’t risk your company falling victim to a malware attack.