11 Cyber Security Questions Every Small Business Should Ask (INFOGRAPHIC)


11 Cyber Security Questions Every Small Business Should Ask to Check Cyber Attack Preparedness (INFOGRAPHIC)

Don’t regard a cyber attack as a potential risk for your small business? Think again. Cyber crime is on the rise and hackers are increasingly targeting small businesses.

The big question therefore is: are you prepared for a cyber attack? Small business credit provider Headway Capital, has compiled data to help you check yourself.

Cyber Security Questions

Here are some questions every small business owner must ask to ensure they are prepared for a cyber attack.

Does Every Employee Have a Strong Password?

More than half of all data breaches caused by weak passwords and yet just 24 percent of small businesses have a strict password policy in place.

Are Your Employees Required to Change Their Passwords Regularly?

Despite having a password policy in place, 65 percent of businesses do not enforce it. It should be mandatory for your employees to change their passwords regularly to protect data.

When Possible, Do You Use Two-Factor Authentication?

Add an extra layer of data security by enforcing two-factor authentication wherever possible. For example, by adding SMS authentication.

Do Your Employees Use Their Personal Smartphones for Work Purposes?

Chances of malware attacks are greater when personal phones and devices are used in the office network. To prevent data theft, give your employees secure work phones with a passcode.

Are You Backing Up Your Files?

Cyber attacks can make your confidential files completely inaccessible. It is therefore a good idea to keep local backups as well as an offsite server.

Does Every Company Device Have Antivirus and Malware Software Installed?

Make sure the updated versions of antivirus and malware software are installed and check devices before use.

Have You Limited the Amount of Employees with Admin Access to Only Those Who Absolutely Need it?

Give access sparingly and only to those employees who really need it. Importantly, make sure those employees are well educated on security issues.

Are Your Employees Trained in Recognizing Phishing Emails?

Phishing accounts for 49 percent of all cyber attacks, and it can be tricky for an employee to identify it. It’s important to train employees to ensure they do not respond to suspicious emails.

Do Your Employees Know Never to Give Sensitive Information to Supervisors Via Email?

Sometimes hackers create an email address that looks genuine and is in the name of a colleague. Ask your team to double-check email requests for sensitive information.

Do You Encrypt Databases and Customer Information?

Without encrypting, your sensitive data is accessible to hackers. That’s why, you must ensure all your information is encrypted.

Are Your Websites Properly Protected?

Most attacks happen on WordPress websites. It’s therefore a good idea to install updates and stay updated on WordPress security best practices to avoid data loss.

Check your company’s cyber security preparedness by following the flowchart in the infographic below

11 Cyber Security Questions Every Small Business Should Ask to Check Cyber Attack Preparedness (INFOGRAPHIC)

Images: Headway Capital


More in: 7 Comments ▼

Shubhomita Bose Shubhomita Bose is a Staff Writer for Small Business Trends. She covers key studies and surveys about the small business market, along with general small business news. She draws on 8 years of experience in copywriting, marketing and communications, having worked extensively on creating content for small and medium sized enterprises.

7 Reactions
  1. most of the malware and antivirus solution needed to be updated regularly which consumes bandwidth, cpu and ram. I was tried of updating and regularly scanning the PC. was watching videos and antivirus promote updated needed, windows defenders need to scan your computer and da*n the experience was ruined.

    I searched for the solution and ended up finding IPS/IDS and Antivirus on a VPN. Yes I am right PureVPN gives antivirus on server level and claims that they have IPS/IDS on server level which is like thing of the future.

  2. It is surprising how small businesses ignore cyber security simply because it is not ‘important enough’ to be given attention. But they will regret it as soon as something goes wrong.

  3. Before you create a website, you should consider cybersecurity as your priority. This will help you prevent issues later on.

  4. I think that it helps to learn about cybersecurity. Sure, it may not be the most enticing topic to read but prevention is better than dealing with the problem when it hits you.

  5. The big issue is a lot of people either do not know or just put out fires when they occur.

    The owner/manager of any business needs to create a Security First mindset in the company, else you will find some areas secure and others wide open.