Guest Post: NordVPN Provides 10 Tips on Protecting a Small Company From Cyberattacks

After two major ransomware attacks swept the globe and affected numerous large organizations, many companies started re-thinking their cybersecurity protection policies. However, many small businesses still go unprotected – and they could become a target of a ransomware attack any time, since such attacks will be increasing in intensity and sophistication.

“Small business owners and CEOs should focus on cultivating the mindset in their company that – instead of making people paranoid for no reason – builds the culture of cybersecurity and cautious approach to all online activities,” said Marty P. Kamden, CMO of NordVPN. “Keeping an organization safe from cyberattacks means complete collaboration of all staff members – and everyone needs to know the do’s and don’ts of online behavior.”

A small business owner may be too busy dealing with everyday hassles of their company – such as payroll, demanding clients and making sales. However, if cybersecurity is not made a priority, the company may experience significant losses.

According to security firm ThreatMetrix, cybercrime attacks went up by 50% in all segments in 2016, which is a worrisome trend. Small businesses are considered to be an especially easy prey for hackers: at least 60 percent of small companies in the US experienced at least one cyberattack in the past year.

Besides targeted cybercrime, small companies suffer from malware, rogue software, unprotected Wi-Fi and other worrisome threats.

For example, an employee may open an email attachment that is infected with a virus and spread it across the network. In phishing attacks, a small business owner or their employees can get a fake email tricking them into revealing their personal information. In password attacks, a hacker could try to hack the system by trying to guess password combinations. And in ransomware attacks, hackers may ask for ransom in exchange for unlocking the company’s data.

While there could be many types of attacks on your system, we have selected a few common-sense solutions that every startup owner should know.

  1. Avoid opening emails from unknown senders. The rule is simple: if you are not familiar with the sender, better don’t open any emails, and never click to download any attachments or any links they might send.
  2. Use only https URL. Make sure all websites that you give your data to, have the secure ‘https’ URL. The ‘s’ in the URL means that it is a secure protocol and your data is encrypted properly.
  3. Use a VPN (Virtual Private Network). VPNs connect you to the Internet through an encrypted tunnel. A VPN server acts as a relay between the Internet and a company’s device, so nobody can see what data is being shared over the Internet. All that can be seen is that you are connected to a VPN server. A VPN service provider, such as NordVPN, can offer multiple benefits to small businesses, including secure data connections for remote workers and increased safety for business owners to share sensitive company data via an encrypted connection, so it’s not seen by any third parties.
  4. Update your firewall. Most systems have an automatically installed firewall – just make sure you keep up with its regular updates.
  5. Use anti-virus. Use an updated virus protection to make sure your system is protected from malware such as malvertising (advertisement online with malicious codes).
  6. Strong passwords and two-factor authentication. Perhaps the most basic requirement for any online account setup is using strong passwords. Weak passwords make it simple for hackers to break into your system and cause severe damage. Two Factor Authentication, also known as 2FA, is a two-step verification system that adds an extra layer of security. Besides password and username, it involves something that only the user can potentially know.
  7. Update your operating system. It sounds simple and easy to do, but it happens that we ignore the pop-up reminders for software updates. However, it’s one of the most important things to do with a computer, as such updates often fix security vulnerabilities and system bugs.
  8. Secure your mobile. If you are happy that your system is now secure, you might be forgetting one important part – your mobile devices. You probably store important passwords and other sensitive information on your smartphone, so don’t forget to encrypt your phone either.
  9. Be reasonable with rules. It’s not reasonable to ban the use of company’s computers or Wi-Fi outside of the company’s network. People need to connect when it’s most convenient for them. A more productive and efficient approach is to cultivate the expertise in cybersecurity for staff members.
  10. Don’t single out one responsible person. Cultivating a secure mindset should be the responsibility of the whole team. And if an attack does happen, the real culprit is the hacker, not your staff member. Blaming employees for cyberattacks will only lead to them hiding potential threats.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: