Para leer este artículo en español, haga clic aquí.
There is likely no other business segment as vulnerable to cyberattacks as the small business sector. According to cybersecurity experts, small businesses, including those owned by Latinos, make excellent targets for cyberattacks because they often lack the funds and staff to have a dedicated and sophisticated IT department to ward off threats.
The 2019 Data Breach Investigations Report conducted by Verizon found that 43% of cyberattacks are explicitly aimed at small businesses. Despite this, only 14% have taken steps to defend themselves, as they think that they're too small to be hit. But even a minor online breach can have serious consequences.
"An attack means loss of money and loss of consumer confidence," says Brian Fonseca, Director of Cybersecurity at Florida International University in Miami and founder of Teaching Digital Natives, a nonprofit organization that provides training and information on cybersecurity. "Your customers don't trust your ability to protect their information [so] you can go out of business after just one attack."
Fortunately, Fonseca adds, there are several steps a Latino-owned small business—even one with minimal funds—can take to help guard against cyberattacks. It all comes down to 'cyber hygiene'—keeping your data and online presence healthy.
Start with work culture
Fonseca believes that most cyberattacks target individuals in the business, click on a link, download an attachment, or sign on to a Wi-Fi hotspot that's not secure. Any of those small oversights can create the opportunity for cyberattacks to infiltrate your company.
For this reason, injecting a healthy dose of paranoia in your business when it comes to digital can go a long way, he explains. To get started protecting your business against a cyber-attack, follow Fonseca's tips:
- Be on guard when you get an email.
- Be careful when you use public Wi-Fi hotspots.
- Make sure you create a digital security culture within your business that is suspicious about interacting in the digital environment.
- Double-check with the sender if they sent you an attachment, especially if they usually don't.
- Keep in mind that if something doesn't look right, it probably isn't.
Remember that password protection is key
Fonseca points out that many people who use their phones for work don't have password protection, so if their phone is stolen or lost, they have given someone access to their inbox or any payment information stored on the phone.
Besides having a password lock on your phone, Fonseca advises avoiding using the same password for everything. In fact, he suggests taking it a step further and setting up multi-factor authentication since "often, Latino-owned small businesses don't have their own servers and systems to do password ownership, so they're using third-party platforms, and having that extra step is a good precaution."
Fonseca also suggests resetting passwords more often than not, especially for e-commerce and other firms that rely heavily on conducting their business online.
Assess your risk
Take a look at your business to appraise what would happen if there is a data breach. According to Fonseca, "Understanding your risk in a data security environment will go a long way in telling you how much you need to invest versus how much you are willing to be exposed."
If you're an entirely online company, he explains, you can't afford to be taken offline.
Create backups regularly
Creating backups to your data leaves you less vulnerable to cyberattacks. If you have all the data that you need to continue to do business backed up on external drives or a 'cloud,' you can restore it in the event of a breach, Fonseca points out.
This also means updating your software and always making sure you are working off the most updated version. "There are holes in the software that updates patch up, and that help keep the software from external threats," he says. And when it comes to using knockoff versions of software, he strongly suggests steering clear, as "Knockoff versions are highly vulnerable."
These steps may seem small and insignificant, but Fonseca says just these minor actions can thwart about 85 percent of small businesses' online vulnerability.