Here’s a sobering fact: A recent cybersecurity study on malware found that roughly 40% of successful malware attacks targeted businesses with less than 500 employees. The studies go further to show that at least one out of five small companies will fall victim to cyber-attacks every year.
Of those companies attacked— a staggering 60% are forced out of business within six months of an attack. Yes, sixty percent.
Those numbers alone should have your attention right about now so let’s get to what you came here for— the best way to prevent that from happening to your small business. The best way to prevent a malware attack is to understand a bit about the threat and how it works. We won’t get into the coding jargon, but we will break it down in plain English as to just how serious of a threat malware is to your business.
What Is Malware?
We provide managed IT services in Houston for many small businesses and the reality is that many employees don’t truly understand what malware is. Even more surprising, many of their internal “IT people,” don’t have a grasp of it either. Most employees just know it’s bad, and that it’s usually a “virus”—and they are partially correct.
- Malware is actually not a specific type of threat per se, but rather an all-encompassing term that includes any software that is forcibly or unknowingly installed on your computer, that does a task for a someone else’s gain, usually a hacker or some type of cybercriminal. Viruses, ransomware, and spyware are just some of the threats covered by this broad term.
- Viruses are types of software that similar to their biological namesake, can replicate themselves and spread to other computers via network transmission. This is why they are likened to a bodily infection. Viruses are designed to carry out many different kindsof actions such as deleting files, destroying a hard drive by making it spin faster than intended, or hogging computer memory which cripples a computer.
- Spyware is a pieceof software that does exactly what it says—spy. It collects information from your files, databases and system files and sends them to the parties who seek the information for ill intentions. Information such as web history, website logins, bank account info, passwords and network information. It can even record every keystroke you make, so nothing is private. When you realize how often credit cards are input on websites to purchase everything from lunch to furniture—you realize how serious of a threat this is.
- Ransomware is a type of software that ironically uses your data against you in various ways. For example, Cryptolocker was one of the first of this relatively new variation of malware and first appeared in late 2013. The software encrypted your entire hard drive making it inaccessible to you without the proper credentials or password. The software would instruct you to electronically send a nominal sum of money in order to regain access or lose the files forever. The only workaround if you were lucky, was to have a clean backup of your data already on hand to revert to—otherwise there was nothing you could do.
The overwhelming effectiveness is typically due to people just not being informed and proactive about malware risks and prevention—and that’s exactly what hackers bank on. The obvious solution is to revert and be proactive and be more aware of malware methods and prevention—but do you know where to start? Luckily, we do.
Guide To Guarding Your Small Business AgainstMalware Attacks
- Use Anti-Virus AND Anti-Malware And Keep It Updated: Most people have heard of anti-virus software but not as many know what anti-malware software is. Both are relatively the same but viruses, while once widespread are not as popular with hackers anymore. They are still a threat but have been replaced by more creative, quicker to launch variations of malware. While an anti-virus such as ESET NOD32 Antivirus will protect you against a wide array of malware, it’s main focus is on viruses. As we mentioned, there are still some viruses out there floating around but malware such as spyware, ransomware, adware, andbots are the more popular variety these days.You need to use a tandem of an anti-virus such as ESET as well as anti-malware protection from developers such as Malware Bytes. This software is focused on malware that is either newly released into the “wild” or various exploits such as ransomware, or code that makes your computer a slave to spread more. By using both in conjunction you are staying on top of the threats as they develop.
- Update Your OS, Firewall And Other Applications: Your servers operating systems and firewalls should be consistently updated as soon as updates are available. The longer you wait to update your systems the greater the risk is of infection due to lack of new protection and exploit patches.
- Create Smart Password Protocols and Enforce Them: Passwords can be the Achillesheel of any IT professional. People if left to their own choosing, will choose the same passwords they use for everything. They will use passwords that have personal info in them or have commonly used words or numerical sequences. A complex, hard-to-guess password is crucial to effective protection. Compare the password user1234 versus something more unique such and complexsuch as “SeKuRe23#b9.” Sure it may be harder to remember, but what should employees value? Convenience or proper security? Make your employees follow a universal password format that requires it to contain at least 8 characters (numbers, symbols, andletters) and is changed every 90 days or so. This will keep password crackers or random guesses from being effective.
- Develop and Execute Device Use Policies: You have to set limits as to what employees can do on company owned and connected devices such as PC’s, phones and printers. Tools like internet browsing and site filters will help with this. You can limit employees right to change the system files and whether they can install software or not.
- Develop Employee Separation Policies: What is your company doing to make sure former employees cannot access your systems after their separation from the company? When an employee is separated from the company, no matter whether it’s a line worker or the CFO, you need to lock their access out immediately to preventvengeance in the form of malware deployment by disgruntled former employees.
- Educated Employees Is The Key: One of the most proactive ways to protect your company is making sure your employees have the proper training to make smart computing decisions. For example, employees should have structured training on the handling of confidential information, passwords and phishing schemes. They need to know what to do when encountering possible attempts to compromise your network or data. There should be regular mandatory training classes for all employees covering best practices such as:
- Avoid clicking on links that seem suspicious or from unknown parties
- Avoid unknown websites non-essential to work or that are suspicious
- Ensure all emails, attachments and downloads are scanned before opening
- Effective password creation (numbers, letter, andsymbols)
- Avoid running programs that have not been verified
How To Streamline Cybersecurity With Marimon
Naturally, this is a lot of information and tackling malware threats can be an overwhelming undertaking for one IT department in most small businesses. Why put that much load on your employees when they could be maximizing their utilizationin other more profitable ways?
Marimon Managed IT services takes the guesswork out of your cybersecurity. We take an in-depth inventory of your IT needs and weaknesses and compile a safe protocol that keeps your company running smooth and protected.
With our combination of state-of-the-art hardware and software,you can have peace of mind knowing your actually saving money by outsourcing your IT to dedicated professionals. When you consider that just one attack can bankrupt a small business and an IT department can cost far more than the usage you will get—outsourcing with Marimon managed IT services is simply the smarter choice.
Contact us today to see how we can mitigate your risk of attack and keep your company safe from malware and keep your employees workflow at maximum efficiency.