Cybersecurity for SMBs, do you know how to protect yourself?

Small and medium-sized businesses are targets of cybercrime. It may sound rigorous and scary, but it is a reality. Many think that their businesses are not going to be of interest and overlook the cybersecurity of the SMB, but in the long run, they discover that this is a mistake. Not only large companies and banks are victims of hackers. More and more SMBs regret not having made a greater effort to improve their protection and make more backups, and thus be less vulnerable to cybercriminals. How should the cybersecurity of an SMB be?

Those responsible for SMBs are usually focused on their own business, on the nature of it, and that is why, many times, they do not pay attention to other issues such as protection and cybersecurity. Of course, the person in charge cannot be everywhere or attending to all the issues, but it is interesting and, of course, highly recommended, to have a person in charge, who is dedicated to the protection against cybercrimes in the company, someone whose job is to implement ways to protect the business against data loss.

A hacker may want a lot of information from a company, everything is interesting and, of course, his/her ultimate goal is economic. Think that you are attacked by one of these hackers and, suddenly, without expecting it, you lose customer data, your sales data, orders, ongoing projects, and even economic or expansion data that are key and fundamental to your company. This may be your worst nightmare.

Employers and freelancers must be aware that this type of problem must be considered, and protect themselves accordingly. Although the pace of work of an entrepreneur in an SMB can be strenuous, it should not be forgotten that you can be the victim of a cyberattack and then, it may be too late.

The dangers of suffering a cyberattack exist, and it is best to protect yourself. There are two things that must be taken into account:

1. On the one hand, it is necessary to prevent the attack or the hacker from accessing the business, so the most convenient thing is to apply cybersecurity solutions designed for this purpose, such as antivirus, firewall and, of course, ways of acting. Employees must be aware that threats exist, and they must know how to act in each situation. They should not access websites that are not authorized by the company's cybersecurity manager. They should not install programs that are not verified by the company, or open certain emails and, of course, they should not execute anything unknown, even if it comes from a friend or is on social media. Procedures must be established in the actions of employees to avoid being attacked.
2. But what if something fails? Because we all know that, sometimes, these things happen, unfortunately. Then, the only thing that can restore the business is to have been vigilant and have a backup of the entire system, a backup of the data, and even a backup of the servers to be able to proceed with the complete restoration in a short time and, that way, the cyber attack will not affect business continuity or reputation. In fact, it is highly important to make periodic backups of all sensitive information of an SMB and, in general, of any business and personal information. This type of backup must be carried out not only of computers, but of all devices that are considered vulnerable, such as smartphones, tablets, laptops, servers, etc.

The threat of ransomware attacks is now a reality, and protection against ransomware. We have all heard of WannaCry, Petya, Jigsaw, Kimcilware, Cerber, CryptoFortress, Maktub, Tox, etc. But these are just a few ways to attack computers, ransomware is just one of the forms of malware.

Malware includes not only ransomware (which encrypts information and asks for a ransom in return), but also includes viruses, Trojans, adware, spyware, worms, phishing... The world of cybercriminals is wide, and their techniques too, so do not hesitate to protect yourself and always have a hard drive image or data backup, Windows backup, and even backup of servers.

How do these ransomware attacks happen? Well, the first thing that happens is that one of the company's computers is infected. Now the ransomware will be dedicated to encrypting the information (blocking it and leaving it inaccessible) and to spread to other computers of the company that are in network. And so on, until everything is infected. And how to retrieve the information? Well, the attackers request money in exchange for a code that allows all the information to be unlocked.

All these attacks involve a loss of information, complete or partial, and access to the business that definitely have a great impact on it.

In Spain, the National Cybersecurity Institute (Incibe) revealed that 70% of the companies attacked in 2016 were SMBs. The data speak for themselves, and they are very high figures, more than we could imagine at first.

That is why it is more important than it seems to protect yourself and be prepared for an attack. Cybercriminals seek information from both the company and customers. If they succeed in attacking, the data and privacy of the customers are also affected.

You must always bear in mind that this can happen at any time, that you are not prepared, and you cannot act shortly beforehand to avoid it. You have to always remain vigilant, always be protected and with backups of everything you do not want to lose and, of course, of all confidential information.

You are always exposed to cybercrime, so you have to be prepared and be cautious. It is very important that employees take into account simple security rules that greatly reduce the risk of a cyberattack such as:

• being wary of emails that request private or confidential information
• changing passwords every so often and making them strong, secure, and hard to guess
• never using a device without antivirus
• notifying cybersecurity managers in the event of a suspicious alert being detected
• do not install programs, games, or applications not authorized by the company
• do not connect to external devices, such as mobile phones, USB sticks, or other devices that are not authorized by the company
• being sensible and always thinking about the consequences that some actions may have for the company and, ultimately, for the job itself.

People always say that it is best to be in the right place at the right time, since something similar happens with backup copies. You need to have them when they are needed, the more updated the better, so you can avoid lost work days and lost important projects, and of course, you need to have them in the right place away from the source of the attack. You need to have the right backup, at the right time, and in the right place.

What should be protected and how? Well, the best thing is to have everything under control. Today, there are comprehensive security solutions like the one offered by Acronis.

Acronis Backup allows us to have backup copies of everything we want, not just data. You can make backups of Mac computers, Android systems, PCs, tablets, smartphones, Windows, servers, databases, documents, photos, email, folders, files, etc.

Where to store the backup? It is recommended to have several backups and, of course, in different places. If an incident or attack occurs, this backup will not be affected. One of the options that many users choose today is cloud backup, which allows access to it from different places. Another place to store the backup is usually an external drive disconnected from the network, so as not to suffer the consequences of a cyberattack, if it occurs.

Backup deduplication is a technique that offers many benefits and that is why it is being implemented more and more in companies, and also by individuals. Thanks to advances in software, it is possible to make backups without affecting the performance of computers or the way employees work, since these can be done on a scheduled basis, avoiding data redundancy, and in a background.

If you are concerned about your business and want to protect yourself against hackers, cybercriminals, ransomware, and malware attacks, then whether or not you have knowledge on the subject, you must protect yourself first, so that they do not occur. And if they do happen, you should always have a backup that allows you to restore everything in a matter of minutes, as Acronis, the market leader in backup and restore, allows you. Now is the time to be less vulnerable, avoid risks, and improve your cybersecurity.