Since the pandemic, many of us have been working from home using laptop computers or other such devices to log into emails, social media accounts and the internet. Many small businesses are now operated entirely from the homes of the business owners. This environment opens these home-based businesses to a number of cyber threats. At last week’s meeting of local small business owners, cyber security expert Steve Wellman gave an informative presentation on these threats and how to keep your business’ data safe.
Wellman has been a Certified Information Systems Security Professional since 2010 after beginning his work in the field of Information Technology since entering the U.S. Air Force in 1988. Wellman is still working for the military as a Cyber Operations Superintendent for the Indiana Air National Guard in the Fort Wayne area.
According to recent data, nearly half of all cyber attacks target small businesses. In 2020 alone, there were over 700,000 cyber attacks against small businesses totaling $2.8 billion dollars in damages. Many small home-based companies are unprepared to deal with these threats.
“Malware is one of the most common threats used to attack small businesses,” said Wellman. “Another common threat comes when former employees continue to have access to systems. When an employee is terminated, their access should be removed as soon as possible to avoid any malicious actions.”
Wellman also provided each of the attendees with information as to the best ways to secure their home networks. Some of these tips include muting microphones and covering cameras when not in use, limiting sensitive conversations when nearby to home assistance devices such as Alexa and Siri, backing up data to external drives or portable media, regularly updating and upgrading all equipment and software including routers, ensuring transit security encryption with a lock in the address bar, use WPA3 or WPA2/3 routers with protected management frames updated with the latest patches through automatic updates, and scheduling weekly reboots.
Wellman also suggested educating all employees to your company’s policies on internet usage, limiting all employees to only the minimum access they need to do their jobs, and practicing secure habits by logging off, and shutting down devices when not in use.
“As an IT guy, when I walk into a business I see things,” said Wellman. “I often look to see if the routers are in a secure location. I watch employees. You’d be surprised how often an employee will walk away from their computer staying logged in and leaving it open for anyone to walk up to and do whatever they may want.”
Wellman also noted that there are a number of organizations that provide free services to small businesses to help improve their cyber security practices. Among these are the Central Indiana Small Business Development Center, and the Center for Internet Security.
“The threats are always out there and constantly evolving as technology advances,” said Wellman. “By practicing good ‘cyber hygiene’ companies can protect themselves against many of these cyber attacks.”
