Cyber Security and Small Business

Foodie-Call.com, a Charlotte, NC small business, suffered a data breach twice in 2014. Owner Anu Mehra was left with the bill for $10,000 in fraudulent transactions, and may lose her business if hackers strike again. She told WSOC-TV: “I’m a local business owner. I don’t have partners. I don’t have a franchise. There’s no deep pockets for me to go to and have some help with this.”

According to the North Carolina Attorney General’s office, 2014 saw 17 reported data breaches in Charlotte, affecting 3,370 persons. The Charlotte metro area saw an additional 14 data breaches affecting and additional 520 people. Many of the targeted companies are large, but a good number of smaller firms were hit. These smaller firms include CPA and law practices, car dealerships, small mortgage brokers, a child-care franchise, and a sign manufacturer.

What are they looking for?

Simply put, cyber criminals want your data. Passwords, account numbers, banking information, customer lists, employee information, financial records, you name it, they want it. Cyber criminals can attack your business using:

  • Viruses, worms, Trojans
  • Malware
  • Botnets
  • Web-based attacks
  • Stolen devices
  • Malicious code
  • Malicious insiders
  • Phishing & social engineering
  • Denial of service

And let’s not forget about a disgruntled employee. He or she can wreck your system and data from the inside.

The Challenge

In 2013, a witness before the House Small Business Subcommittee on Health and Technology said about small businesses: “…90% do not have an internal IT manager focused on technology-related issues; 87% do not have a formal written Internet security policy; 68% do not provide any cyber-security training to their employees; and 83% do not have an automated systems that requires employees to periodically change their passwords.” This shows the challenge you face as a small business owner.

The next part of this series focuses on and employee “mistake prevention”. In the meantime, here are some actions you can take now:

  • Physically secure your equipment. All the firewalls and anti-virus software in the world won’t help if a thief can just walk off with your laptop or tablet.
  • Get your data backed up and stored off-site.
  • Talk to any service providers you use, such as credit card processors, and find out what they’re doing to secure your transactions and data.
  • Does your office have its own WiFi network? Lock it down! Break out the manual and set a good, long password. Change it often.

Have you checked the cyber security vulnerabilities in your business? The IT experts at Waypoint would love to review your IT needs for free, please click here to sign up for a free, no risk IT assessment.


Posted on: 04.23.15