Skip to main content

Protecting your small business from cyberattacks

Cyberattacks are a growing threat for small businesses, and a recent U.S. Small Business Administration survey estimates that an astonishing 88% of small business owners are concerned about being vulnerable to cyberattacks. Many entrepreneurs don’t have the capability to afford IT professionals or don’t know where to start, but it’s important to learn about common threats, understand where your business might be vulnerable, and take concrete steps to improve your cybersecurity. 

Below you will find some tips and best practices to protect your small business from cyberattacks.

Be smart about passwords 

To improve your cybersecurity, use strong passwords that are unique to your various accounts. While it might be challenging to remember them, being diligent about your passwords will pay off in the long run. 

The National Cybersecurity Society has developed a short guide to creating secure passwords for small businesses.

Stay alert 

Whether you or your employees are entering data into your systems, sharing information with other partners or just ringing up a sale, it’s critical to be aware of possible phishing attacks. Phishing is a type of cyberattack that uses email or is a malicious website that can infect your computer with viruses to collect your sensitive information. 

Phishing emails appear as though they’ve been sent from a legitimate organization or known individual, and these emails often entice users to click on a link or open an attachment containing malicious code. Check out this cheat sheet to keep yourself and your employees aware of possible phishing attacks.

Use antivirus software 

Equip your business’ computers and systems with antivirus and antispyware software. You can find an array of programs readily available that fit your small business needs, so make sure to choose a vendor that will configure automatic updates to correct security problems and improve functionality.

Protect your payment processors 

Work with your financial institution or payment processor to ensure you have a complex payment system. To help you identify the best system for your business and how to protect it, check out this guide to data security essentials for small merchants.

Set up multi-factor authentication 

Whenever appropriate and available, set up multi-factor authentication for your accounts. This process requires small business owners and their employees to provide additional information to add a second layer of security to log in and access sensitive information. Some companies automatically give you the option to set up multi-factor authentication to log into their accounts, so check with your financial institution and other vendors to see if they offer this feature.

Evaluate your business’ cybersecurity preparedness 

We encourage you to take the NCSS online survey to assess your business’ vulnerability to cyberattacks and how you may improve your cybersecurity.

For additional how-to guides and frequently asked questions about how to protect your small business from cyberattacks, visit the National Cybersecurity Society.