Free. We all love to hear that word. We so depend on free wireless connections that we expect them to be available whenever we need to “plug in.” Do you ever think about who else might be connected to wifi? Probably not. Should you be concerned though? Absolutely.

Hackers are all around, just waiting to access your computer’s information. Many small businesses have a laptop that serves all of their business needs. They are easy to transport and convenient, allowing information to be right at your fingertips. Do you keep company data on that laptop as well? If you have a home-based studio with a wireless router, is it secured with a strong password so no one can access it? Have you received pop-ups saying that you are connected to an unsecure network?

Cybercrime has surpassed illegal drug trafficking as a criminal moneymaker

Cyber breaches are becoming a regular occurrence and are expected to increase over the next several years. Don’t be misled by news highlights focusing on large businesses involved in cyber-attacks. Even though we seldom hear about small and medium sized enterprises (SMEs) as victims, they do occur. The U.S. Department of Homeland Security estimates that 40 percent of all cyber-attacks target businesses with fewer than 500 employees. The average cost for those attacks has been approximately $190,000 per instance. A 2012 report from Verizon studied 855 data breaches, of which 71 percent targeted businesses with fewer than 100 employees.

Point-of-Sale (POS) malware is projected to grow. In 2013, 20 cyber-attack cases were caused by the same type of malicious software targeting retailers’ POS systems. It’s important to understand that malware can lay dormant for months in a computer system. Some are extremely sophisticated and will not alert anti-virus software. Do note there have been instances in which businesses ignored alerts they did receive.

Obviously there are costs to protecting your information, but imagine the costs associated with leaving it vulnerable. Financial loss isn’t the only problem resulting from a cyber-breach. Loss of customer trust and negative publicity have even greater impacts on a business. Additional costs are also incurred after a breach. Victims have to be notified that their information has been compromised, along with federal agencies. A company may also be exposed to legal fees. Some industries have fines for not complying with securely maintaining client information.

The Small Business Administration (SBA) has put together a list of best practices:

• Do not surf the web on a wireless connection from your business computer. If you have access to an alternative laptop or computer, use that instead. 
• Do not download software from unknown pages. 
• Do not download files from unknown sources. 
• Do not respond to pop-up windows requesting you to download drivers. Many of those links allow malware or phishing software to be loaded on your computer. 
• Do not allow any websites to install software on your computer. If you are downloading information, make sure you initiated the request. For example, Adobe products, Java, etc. are normally fine. Be sure that you are downloading directly from the source. Don’t use a third party. 
• Protect passwords, credit card numbers, and private information in web browsers. You will have to work with your website provider on this. Conduct online business and banking on secure connections by making sure everything is https (“s” means secure). Don’t click on links via emails as many fraudulent attacks are initiated via link someone clicked on in an email. 
• Be careful when opening up email attachments. This is tough one to identify. Personally, if something has been forwarded a few times from others, I typically delete it. A general rule of thumb can be if you requested the information then open it, if you didn’t use caution. 
• Don’t reply to unsolicited emails 
• Don’t click on links in an email 
• Use separate computer accounts for each user 
• Use passwords and don’t share them
• Use screen locking when you step away. If using Windows, it’s located by the Shut Down command. Click on “Lock” and your system will be halted until you log back on. This ensures no one can access your computer without your knowledge. At the end of the day, log off your computer and power down your system. A lot of “phising” takes place at night time when everyone is sleeping. 
• Consider encrypting sensitive data on your system. This is generally achieved through software programs. An information technology specialist can help. 
• Use software firewalls to build a wall that malware cannot penetrate. It’s almost like building a wall around a castle. Many anti-virus software programs feature firewalls. 
• Secure your internet connection and change passwords. A lot of breaches take place because people use easy passwords that are only updated with a simple change. If you have a wireless router, protect or secure the connection through your internet provider. 
• Secure wireless access by making sure a password is required before visitors can sign on. If needed, setup a guest account for visitors and limit their access to your network. Wireless routers usually have a set-up page to take care of this. 
• Patch operating systems and applications. Most software applications and internet browsers have updates. Many individuals don’t think to download the latest version but it’s important to do so as they have patches for vulnerabilities (weak areas) on their system. The updates “patch” the operating system (such as Windows) to help protect your system. 

There are 5.6 billion credit and debit cards in the United States. Consumers are concerned about online privacy and credit card information. If you don’t have a privacy statement, this is a great time to consider creating one to put your customers’ mind at ease. Convey how you value their business, take privacy seriously, and don’t share customer information with other companies. If you sell via the internet, look into having your website verified from a reliable source, e.g., Trust Verified, Verified by Visa/Mastercard, Norton SafeWeb, etc., so they can see that you take the necessary precautions to keep their transactions safe.

Written by Luanne Mayorga, Northern Illinois University’s Springboard