In this blog, we offer ways your small business can use the Cloud to keep your sensitive information safe and out of the hands of hackers.

If you aren’t convinced of the importance of protecting your business information in the Cloud, look at a list of some of the high-profile companies that were recently hit by hackers. JPMorgan Chase, Target, Home Depot and Sony have all been the targets of hackers in the past year or so. According to FBI Director James Comey, “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.”

Of course, small businesses are also potentially vulnerable to hack attacks. While your small business isn’t as big as Target, the data you are storing there is still valuable to you, your employees and your customers. Here are a few tips on ways to minimize the danger of your valuable information falling in the hands of hackers and other nefarious types:

Back up your data. Even though your company’s information is stored in the Cloud, experts advise you to manually back it up on a hard disk or a thumb drive. This will also allow you to access files if your Internet connection is interrupted.

Be smart with your passwords. This is probably the most crucial way you can proactively protect your small business data in the Cloud. Create complex, original passwords for every one of your accounts. Experts say the best passwords contain lowercase and capitalized letters, special characters and numbers. You should also make sure you and your employees change passwords at regular intervals, usually every few months. There is password management software available to help with the daunting task of remembering all those complex passwords. They include Dashlane 3, Password Genie 4.4 and LastPass 3.0 Premium.

Stay on top of software upgrades. It’s easy to take software upgrades for granted. Doing so can leave your business vulnerable to hackers, so make sure you download security updates on a regular basis and use security programs to safeguard your data.

Protect yourself with anti-virus programs. This will help guard against viruses and malware. Make sure you upgrade them on a regular basis. Some of the best-reviewed programs include Webroot SecureAnywhere AntiVirus, Bitdefender Antivirus Plus and McAfee AntiVirus Plus.  

Consider encrypting your information. This is especially important when dealing with sensitive information, such as credit card numbers and other personal data of customers. While most cloud storage companies provide encryption and decryption, double-check to make sure they are part of your contracted services.

Carefully choose your cloud storage company. Pick a provider that limits file access to carefully vetted employees, and make sure you only share documents that contain no confidential or essential information.

Be picky about what information you put in the Cloud. For example, experts advise against the common practice of using Social Security numbers to identify customers. Pick another method, with less chance for putting sensitive data at risk in case your business ever falls prey to hackers.

Make wireless network security a priority. Wireless networks are becoming increasingly popular targets for hackers. To stop them in their tracks, protect both your Wi-Fi and router access with robust passwords and use your router’s strongest encryption standard. You should also consider disabling the SSID broadcasting function on your wireless router to keep your networks hidden from would-be hackers.

Protect sensitive credit card information. If your small business accepts credit cards, you should look into using the EMV payment system. EMV derives its name from its founders, Europay, MasterCard and Visa, and utilizes sophisticated technology to protect credit card information. EMV uses microchips embedded in credit cards to safeguard cardholder data. Currently, the liability for fraudulent credit card usage falls on credit unions and banks. That is set to change this October 1, when new regulations take effect making small businesses liable for unauthorized charges. This means if your small business doesn’t accept EMV cards, you have only a few months to do so, or you could end up paying later. Several companies sell EMV card readers for small businesses, including squareup.com/emv, frontlineprocessing.com/services/emv/ and cardinalcommerce.com.

Phishing – the attempt to get financial or other confidential information from a person or business online – has been around for years and it doesn’t look as if scammers intend on stopping anytime soon. In February 2015, authorities announced that, over the past two years, a cybergang called Carbanak used phishing techniques to steal more than $1 billion from banks, e-payment systems and financial institutions in 30 countries around the world.

It appears Carbanak used spear phishing techniques to make off with all that money. Spear phishing uses emails that appear to come from an individual or business the targeted person knows, rather than generic messages (such as those addressed to “Dear Sir or Madam”) that scammers have been using for years.

This was the state of phishing and malicious attacks back in 2015, with security experts predicting 2016 would be the worst yet for businesses. Then we entered 2017.

With the recent attacks of ransomware - like WannaCry and Petya - businesses are becoming increasingly targeted by hackers. Back in 2015, Malwarebytes spokesman Adam Kujawa predicted that future phishing attacks would target a wider range of employees, such as those with access to potentially lucrative data, such as a firm’s customer accounts.

Think your employees are too savvy to fall for what looks like an obvious scam? IBM researchers discovered that businesses are seeing more and more malicious email, with a 4x increase of spam in 2016 alone, and email is still the number one method of delivering malware. During the summer, Google experienced a major phishing attack against their Google Doc users. 

Cyber experts say that businesses need to be vigilant to prevent phishing attacks. Here are ways to protect your organization and customer information:

• Choose passwords carefully. Resist the natural urge to use one password for all the sites you visit. When you do, it just makes things easier for scammers. All your passwords should be very different from each other and contain random letters (both uppercase and lowercase), numbers and symbols.
• Make sure you are current with patches, updates and security software. When you receive notices advising you to update your software, follow through. Most browser and operating system updates include vital security patches and may be able to detect phishing messages as malicious.
• Think before you act. If you get an email from a “friend” asking for a password or other information, be suspicious. If you’re not sure it is actually from someone you know, call or send a separate email to the person verifying it’s legitimate. If the email is from a bank or another business, be extra careful before replying, clicking on a link or downloading any attachments. Legitimate businesses don’t send out emails asking for account information or passwords. One easy way to check if an email is a scam: check for spelling errors and bad grammar. Many phishing emails contain atrocious misspellings and mangled grammar.

To learn more about keeping your business safe from spear phishing attacks, log on to https://www.staysafeonline.org

Over 200,000 computers in 150 countries were affected by the WannaCry ransomware attack and it took nearly two weeks for others to bounce back after the Petya attack. As a business, concerns about being a victim of ransomware, a hacking attack that holds your computer hostage until you pay a ransom, is legitimate. This type of malicious software from cryptovirology, threatens to publish the victim's data or perpetually block access to it unless the ransom is paid.

The popular USA Network show, "Mr. Robot", follows a group of hackers that manage to disrupt a large corporation and society with a hack. This not only cripples the company, but also the society which heavily relies on the corporation's technologies. So what can this show teach businesses about cybersecurity? A lot. For instance, many data breaches and attacks come from within a company itself - in most cases, because employees aren't careful with their passwords, install malicious programs, or don't understand the company security policy and surf websites that can open the company's server up as a target to attack. As such was the case in "Mr. Robot". In this blog from the Columbia Business Times in Missouri, see how this TV show shines a light on cybersecurity lessons every business should be attentive to.

Along with ransomware attacks, another attack method businesses should be wary of is Phishing. And yes, it is still an issue in 2017. Click here to learn how to keep your proprietary data, as well as your customer's personal information, safe with secure and reliable broadband connections from Gigabit+ Fiber Solutions.