Pro­tect Busi­ness From Cy­ber­se­cu­rity Con­cerns

The Oakdale Leader - - PERSPECTIVE - By BILL SPANIEL Cal­i­for­nia So­ci­ety of CPAs

Whether you’re a long-stand­ing com­mu­nity busi­ness or a new web-based start-up, many of your trans­ac­tions will be con­ducted on­line.

While dig­i­tal trans­ac­tions and com­mu­ni­ca­tions can ex­pand your mar­ket­ing reach and en­hance ef­fi­ciency, they can also ex­pose you to the same types of se­cu­rity breaches many larger or­ga­ni­za­tions ex­pe­ri­ence. What’s a small busi­ness to do? The Cal­i­for­nia So­ci­ety of CPAs of­fers this ad­vice.

Rec­og­nize You’re a Tar­get

Equifax, Kmart and Ver­i­zon are just a few of the com­pa­nies that have suf­fered high-pro­file breaches re­cently. While we of­ten see re­ports of hack­ing at large or­ga­ni­za­tions, many own­ers of smaller com­pa­nies in­cor­rectly as­sume they’re im­mune from the dan­ger. In fact, small com­pa­nies are also vul­ner­a­ble – and many have been vic­tims al­ready.

A study by the Ponemon In­sti­tute found that more than 61 per­cent of small and medium-size busi­nesses had se­cu­rity breaches in 2017, up from 55 per­cent in 2016. Be­ing aware of the prob­lem – and the need to ad­dress it – is a crit­i­cal first step.

Get Em­ploy­ees on Board

How many of your em­ploy­ees use the word “pass­word” as their pass­word? It’s up to the or­ga­ni­za­tion to ed­u­cate their peo­ple about the dan­gers se­cu­rity breaches can pose and to set clear tech poli­cies. That in­cludes re­quir­ing staff to take steps that in­clude us­ing strong pass­words and chang­ing them of­ten, en­crypt­ing data prop­erly, rec­og­niz­ing and avoid­ing phish­ing at­tempts, and to ini­ti­ate au­to­matic lock­ing on com­put­ers when they’re not in use.

All new staff should be trained in your com­puter se­cu­rity pro­ce­dures, and it’s a good idea to reg­u­larly con­duct up­dates for ex­ist­ing em­ploy­ees.

Mon­i­tor Mo­bile De­vices

Your se­cu­rity pro­ce­dures should en­com­pass rules for em­ploy­ees’ mo­bile de­vices, such as cell phones, tablets and lap­tops. Many or­ga­ni­za­tions now al­low work­ers to bring their own de­vices (BYOD), mean­ing they can use per­sonal tech­nol­ogy for work.

Care­fully con­sider guide­lines for what kinds of data can be ac­cessed or used on th­ese or any other de­vices used in your busi­ness. Hack­ing or theft is of par­tic­u­lar con­cern when de­vices are used re­motely and con­nected to the In­ter­net through un­se­cured Wi-Fi.

Em­ploy­ees should be trained on the im­por­tance of pro­tect­ing con­fi­den­tial com­pany or cus­tomer data. In ad­di­tion, em­ploy­ees should be aware of how to re­port the loss or theft of a mo­bile de­vice that con­tains busi­ness data or that con­nects to the or­ga­ni­za­tion’s sys­tems.

Keep Your Se­cu­rity Up to Date

Make sure you have the lat­est ver­sion of se­cu­rity soft­ware and you down­load all nec­es­sary up­dates for all your soft­ware as they be­come avail­able. In­stall a fire­wall that prevents ac­cess to your data or sys­tems by out­siders.

Tech­nol­ogy used by em­ploy­ees who work from home or other re­mote lo­ca­tions should also be pro­tected by a fire­wall. Be sure, as well, to se­cure and pass­word pro­tect your or­ga­ni­za­tion’s router.

Set Sen­si­ble Lim­its

Em­ploy­ees should have ac­cess to data or sys­tems that re­late to their jobs, and no more. That’s par­tic­u­larly true of con­fi­den­tial, per­sonal em­ployee or cus­tomer data in your sys­tems, but don’t stop there.

An IT staff mem­ber’s lo­gin may al­low him or her to make changes to the sys­tem, but other work­ers should have sep­a­rate lo­gins that pro­hibit that ac­cess. In ad­di­tion, work­ers shouldn’t be al­lowed to load their own soft­ware onto com­pany com­put­ers.

Turn to Your CPA

Wor­ried about the many chal­lenges a small busi­ness may face? Whether you’re con­cerned about tech­nol­ogy is­sues, the need to raise cap­i­tal, mar­ket­ing or any other chal­lenge, your lo­cal CPA can help. Turn to him or her for ex­pert ad­vice on all your busi­ness is­sues. Visit CalCPA.org/find­acpa to find one near you.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.