From digital payments to social media to mobile ordering, technology has radically transformed how small business owners operate. At the same time, the speed of technology innovations has created an increasingly difficult challenge: how to protect a business from cyber threats.

Many initially think about large companies when discussing cybersecurity breaches, but small businesses are just as vulnerable to threats. In fact, a single business can spend more than $1 million recovering from damage or theft of IT assets. This can cripple a small business.

The best defense is to be prepared, so here are some strategies you can take to make your business more resilient to cyber threats.

Understand your unique needs for security

Business owners must understand that having a one-size-fits-all approach to cybersecurity can leave substantial gaps making their businesses vulnerable. The first step is to think about exposure: this includes the hardware and software you are using as well as operations conducted via web or cloud-based systems. You should also consider what unique threats there are to a particular system. An important note: it isn’t enough to think about your own business. What about the third-party vendors you’ve hired? Any of their vulnerabilities will affect you, too.

Prevent against the vulnerability of connected systems

Connectivity of systems both internally and externally has been a major driver of technological progress, and the advent of things like cloud-based storage and mobile payment options have made doing business easier. But while interconnected systems may make things run more efficiently, it also can increase the risk – a vulnerability in one system can affect the connected ones as well. 

Keeping critical systems like payroll, business email, and point-of-sale (POS) separate can decrease the inherent risks of connectivity and help ensure that one cyber threat doesn’t compromise a business’ entire operation. Another solid strategy is to have a well-integrated backup system for both internal and customer information. Regularly backing up all files and having separate POS solutions can help you to prevent a business from being potentially crippled in the event of an attack.

Handle employee access carefully

Employees can also be a major threat to a company’s cybersecurity infrastructure. Ensuring proper training and clearly defining access to systems based on your employee’s roles helps to cut down the risk that they will introduce a cyber threat, intentionally or not. Managing the access of employees also includes regularly updating any security credentials like usernames and passwords, and immediately removing an employee’s access following termination. These are elements that easily can be forgotten and yet can cause serious issues if left unchecked.

Don’t forget mobile security

The security of mobile devices like smartphones and tablets is also a key consideration in guarding against cyber threats. Regularly updating passcodes, only downloading applications and files from trusted sources, and avoiding any suspicious links or texts are all important to protecting your business from the risks of mobile technology. In addition, using anti-virus software for mobile devices helps protect them in places with public networks like airports, convention centers, and coffee shops.

Cyber attacks can cost your businesses money, customers, and hard-earned reputation, so protecting against them should be a priority. With the holidays nearly upon us, addressing potential threats now can decreases your chances of facing cyber issues during a busy time of year.


Rich Baich is Chief Information Security Officer at Wells Fargo