The Biggest Threats to Home Business Security

Did you know that many businesses of all sizes are now purchasing cybersecurity insurance? It is a very real thing, and meant to control the size of a business’ losses in the event of a “cyber incident”. This could range from a data breach or network damage to a prolonged interruption in operations or even a serious hit to the reputation. The key matter to recognize here, though, is that a focus of this insurance is to stimulate improvements in cyber security.

If you own a home-based business, then home business security is something you must consider. Whether you run the business as a separate entity from the rest of the home, using a different phone line, router, and even separate building, or you simply run it from a room in the home, home business security is a must.

If you look at reports from groups like the National Cybersecurity Institute, you see that the top two threats to small businesses in 2016 will be mobile malware and data theft from IoT devices. Both of these issues can actually be overcome through sound home business security practices.

The Biggest Threats to Home Business Security

Let’s consider those threats first, and then consider the solutions. Mobile malware is something that might seem very limited. You open something undesirable on your mobile device, but that’s the end of it…right? No, because your device may be linked to the business network, or brought into the business where it uses the network, it can then spread whatever malware was launched, causing any sort of problem — including hijacking for ransom.

Data theft from IoT devices is similar in its design to the issue of mobile malware, using any unsecured or compromised IoT device (often most vulnerable due to their use of apps) to gain network access and steal data.

Of course, this is not where the threats to your home business security end, and the other risks include cyber espionage in which information is stolen by hackers, extortion attacks and ransomware, and stolen data aggregation.

This seems quite overwhelming, and it is! How can someone who is focused on running and growing their home business implement solid home business security strategies when there are such expert hackers and cyber criminals at work? The answers are quite simple.

Your Simple Home Business Security

To make it very easy to understand and implement, let’s just consider your home business security strategy on a point-by-point basis:

• Begin by upgrading to a business level router if you do not have one. The router from the ISP (Internet Service Provider) is not designed for security, and is never going to deliver the kind of protection you want.
• Change the password to one that is impossible to guess and which uses a blend of 12 to 14 characters. Don’t use numbers or words that someone can associate to you or your business. Instead, use something very random and disorderly, a nonsensical password is un-guessable, and often hard for brute force software to break because it is unpredictable.
• Be sure the firewall is enabled.
• Use the strongest encryption — the WPA2 option
• Update the firmware on the router — even if it is new, go ahead and update and create a regular schedule of updates.
• Disable remote administration as this effectively blocks anyone from gaining access to the control panel unless seated in the office at a hardwired machine.
• Disable the UPnP (Universal Plug and Play) option as it doesn’t ask for authentication.
• Never use Port Forwarding.

Those steps have secured your router and made it very hard to hack, yet there are still plenty of opportunities for a hacker. To continue to upgrade the home business security, stop and think about the “embedded” or Internet connected devices in the office or on the same network.

In fact, don’t just consider them — take time to write it all down. The digital camera that uses WiFi to upload images, the fitness watch you wear to count your steps, the small and automated coffee system you splurged on for the office…believe it or not, these are Internet connected and vulnerable to hackers.

What on earth can they do with them? Two things, they can use them to piggy-back into the network, allowing them to trash the home business security by opening all of your files to their free and easy access. The other thing is that they could actually enlist your devices (and you might never know) in their botnet army, using any processing power to cause havoc elsewhere on the Internet.

So, take that list of devices, and go to their manufacturer’s website and be sure that you have all of the firmware updates for them. This can take a lot of time, and it will be something you’ll need to redo on a regular basis if you do not create a protective barrier between the devices and the Internet.

How do you that? There are now gateway devices that offer business-level protection, including the strength of firewalls and anti-virus software, and which integrate seamlessly into your network. Plugging in a device like the CUJO (it plugs into a port on your router), will allow your devices to have a sort of shield. They speak to the device, and their patterns and behaviors are learned by the unit. If incoming material is unusual, unexpected or suspicious, the gateway device blocks it. Very often, it is one of those embedded or Internet connected devices that allows a hacker to bypass the router and its protections.

This is why the gateway device can become a crucial part of your business security — allowing you to enjoy the use of those handy devices, without having to spend hours each month updating firmware in order to remain secure.

In addition to all of these things, remember that the FCC also recommends that you create mobile device action plans to reduce the threats they can create, backup data to an offsite or cloud-based location, and use passwords and authentications on everything possible — from the embedded devices to the computers in the office. You can create security and avoid the need for insurances to cover the worst threats.