10 Tips For Keeping
Business Security In The Budget
Butit
doesn’thaveto be.
Smallbusinesssecurity
ispricey.
Consider these tips and tools that will keep you secure, and keep your wallet happy.
#1
Cost: <$200(per IP address)
• New ways to hack into servers and networks are discovered by criminals daily
• Vulnerability scans search for common vulnerabilities
• Third parties (like SecurityMetrics) help remediate weaknesses
• Ensure third party is ASV certified
Regular vulnerability scans
Update anti-virus software#2
Cost: <$50(per computer)
• Ensure anti-virus software is up to date on every computer
• Anti-virus software should be one security layer among many, and shouldn’t stand alone
Update soft/hardware#3
Cost: Free
To prevent vulnerabilities, regularly update your:• Operating system• POS terminals• Adobe applications• Internet browser• Printer• Anti-virus• Routers
Change passwords#4
Cost: Free
• Hackers can easily crack default passwords
• Passwords should have alphanumeric, special, uppercase, lowercase, and special characters
• Don’t use dictionary words
Common passwords
Install a strong firewall#5
Cost: ~$300
• A firewall acts as a protective barrier between your business and the Internet
• Hardware firewalls provide the best protection for business
Firewalls have
been around
since the 1980’s
Scan devices for threats#6
Cost: <$50
• Malicious code can easily be written into apps, even the legit ones
• Keep hackers out of your smartphone or tablet with mobile vulnerability scanning
How about this
vulnerability
scanning app?
Encrypt portable data#7
Cost: Free
• Encrypt all portable devices (hard drives, memory sticks, laptops, etc.)
• If an encrypted device is lost, the data will be impossible to read and kept safe from prying eyes
Don’t worry,
it’s easy!
Employee training#8
Cost: Employee time
• Humans are the weakest link in your security
• Regularly train your staff
• Implement security policies and ensure they are followed
!
Card data discovery#9
Cost: <$40
• 71% of businesses store unencrypted card data (and probably don’t know it)
• Use a tested card data discovery tool (i.e., SecurityMetrics PANscan) to find and delete it
yikes!
Get breach protection#10
Cost: <$100
• If breached, 80% of businesses go bankrupt or have financial difficulties for 2 years*
• Get at least $100,000 breach protection
*Privacy Rights
Clearinghouse
Consider the following…
Every business situation is unique based on company size, revenue, card transactions, etc.,
Your security situation is completely different from the shop down the street.
Don’t view security budget as a static variable.
When your organization changes, security considerations change too.
Perfect security is impossible, even (and especially) for the small guys.
Ask yourself:
What is the reasonable amount of risk at my
organization?
What can we live without and still remain reasonably
secure?
Effective security takes time and money.
It’s worth it when you compare against the cost of data compromise.
ASDFOIUGXKBEISHYALKXIBYEZLBIEZGIOISBBNDIASDFSFSSXNKDHIGYSECURITYMDIFYIDBEOIENGYSAEROIUBLVERUIXSMEMBIALCIINGHEIRUTIYBSOINASDFOIUGBISEIGIHMNEIGUSOOIERNBYS
Alone, it’s difficult to manage the security of an entire business.
Seek advice from a security professional to point you in the right direction.
SecurityMetrics will help you figure out what your biz needs, and keep it within your budget.