Cyberattacks: Tips for protecting your business

Tips, techniques, and best practices to safeguard your business data from cyberattack

4 mins

The time to act is now

For a lot of folks, it’s hard to remember what business was like when it ran by paper and pen. Keeping computers secure was something only large financial firms worried about back then. But times changed as businesses—of all sizes—began relying on computers and the internet to run. While cyber technologies provide tremendous benefits for growing operations, they create vulnerabilities, too.

According to the Small Business Administration (SBA), small and medium-sized companies have become attractive targets for cyber criminals. More than 700,000 cyberattacks on small businesses happened in 2020 alone. Fall 2021 saw a new twist: The FBI warned farmers and growers about a surge of cyberattacks timed for critical planting and harvest times. Safeguarding your operation starts with understanding threats and taking steps to protect your business.

Common cybersecurity threats

Most computer users are familiar, at least in concept, with malicious software. Known as “malware” for short, this software is designed to wreak havoc on your computer or computer network. The FBI and SBA note four types of malware are most common:

  1. Viruses are probably the best-known type of malware. These intentionally harmful programs infect your computer and spread, like a virus, to other devices connected to yours. Cyber attackers can use viruses to get inside your business systems and cause damage and disruption. It’s as easy as having you click on an email attachment or a website link.
  2. Phishing isn’t as well-known as viruses, but it’s very common, too. Phishing exploits emails or websites to gain access to your computer system. Phishing emails usually look like they came from people you know, then a link or attachment lets malware in. Once inside your system, the malware collects sensitive information—destined for some unscrupulous purpose.
  3. Spyware uses technology similar to legitimate software that allows companies to collect information about you, with your permission. One example is marketing data that helps deliver online ads for companies you shop. In contrast, spyware “spies” on your activities without your knowledge or consent, stealing information that’s sent on to someone else.
  4. Ransomware is rapidly becoming more common, and often arrives through phishing emails. The malicious software infects computers and connected systems. Then it steals or encrypts your data, so you can’t access anything until you pay a ransom. The cyberattacks highlighted by the FBI were ransomware attacks at the height of agriculture and horticulture’s busiest seasons.

Steps toward cybersecurity

Many cyberattacks can be prevented with basic education and security. If you’re not the most computer-savvy, tech-minded person on your team, that’s okay. Talk to whoever is. YOU may want to bring in an expert for a cybersecurity webinar to educate you and your staff. The FBI and SBA say these steps for protection are a good start:

  1. Learn cybersecurity basics and train employees. Establish rules for computer and internet use, then enforce them. Give every person with computer access their own user account; don’t let people share. Require strong passwords—no birthdays or “1234” allowed—and change them every three months. Apply rules to all computers and mobile devices connecting to your systems.
  2. Keep computers “clean” and up to date. Outfit your computers with current security software. Always install software updates as soon as they’re available. Don’t forget computers remote workers use. Run regular security scans to make sure your system stays malware-free. Keep your wi-fi networks secured, encrypted, hidden, and password-protected.
  3. Regularly backup all your data. The Federal Communications Commission (FCC) recommends at least weekly backups for all critical information on your computers. This includes documents and spreadsheets, customer and employee databases, accounting information, human resources files—everything that makes your business run. Store backups off site or in the cloud, where you can access it.
  4. Use best practices for card payments. Check with your card processors and banks to make sure the systems you use have up-to-date security and anti-fraud measures. Ask about other best practices you should use. Keep your payment systems segregated from less-secure computer programs. Don’t surf the web and process payments on the same computer.
  5. Develop a cybersecurity plan. Don’t wait until your business gets hit to develop an action plan. A quick, prepared response from you and your team can minimize damage and protect your assets. The FCC offers a free, simple, highly recommended online cyberplanner tool to help you create a custom plan for your business in seconds, right down to a cover sheet with your business name.

Here at ICL, we’re not cybersecurity experts. We’ll leave that to the FBI, SBA, and FCC. But we are experts at growing the best possible plants—and we care about you and your business. So, reach out when you have a minute. Let’s chat about your growing goals and how we can help. We are your partners in growth.