A watering hole, or water hole, is a website with vulnerabilities that hackers take advantage of to plant malware. The idea is that the malware simply lies in wait until someone visits your website, and if that someone is not using protection, he or she will find their computer or smartphone infected with that malware.
Category: Small Business Page 8 of 9
OK, so there’s no such thing. But guess what? It’s still October, which means it’s still National Cyber Security Awareness Month. Close enough, right? That also means there’s still plenty of time to focus on the security housekeeping that’s crucial to the success and survival of your web presence.
Security is like profit – it’s not an option. And that’s even more important to remember if you rely heavily on your website, either to promote your business or to process orders.
You probably already know that October is National Cyber Security Awareness Month, right? Of course every month should be cyber security awareness month because these days no business can afford to let its guard down. Not for a moment.
But because businesses and consumers are often too busy to think about security when it matters most, a national celebration was created as a reminder. And we’re celebrating NCSAM by sharing with you some of the most basic security options that are available to any small business.
Does your website have a bouncer, and if not, why not? Think about it. Websites are being probed by hackers millions of times every day, using sophisticated and automated hacking tools looking for any vulnerabilities they can exploit. It’s like having a store on Main Street that’s swarmed with visitors every single day, only you can’t tell which customers are going to pay you and which ones are going to shoplift.
A web application firewall, or WAF, is like a bouncer for your website. It stands between you and the street and determines based on a variety of criteria who gets in and who’s kicked out. It acts as a filter to make sure the visitors to your online store don’t mean you any harm.
There is a copious amount of evidence to support the notion that concerns over security, privacy, and trust stifle ecommerce, and continue to keep large numbers of consumers from shopping online as much as they’d like to.
The impact is felt even more by small businesses who constantly struggle to persuade consumers that their websites are a safe place to shop and surf. The customer might not always be right, but at least on this call, they are. Most small business websites, just like most small businesses, are inherently insecure. Consumers sense this, and it has become a barrier to trust.
Even just thinking about protecting your business from all the cyber threats it faces can be daunting. Where do you begin? Do you start with your website, or is it something more basic like having a security plan? Do you train your employees or lock down every computer and let technology do the work? If critical data has to be protected, which data first? Which data most?
It’s this very scenario that creates the biggest security vulnerability for most small businesses. When building an effective security program for your business begins to look like a much bigger mountain to climb, especially as you get closer, you put the project off until another day. And in the meantime, hackers can have a field day.
If you’re like most small business owners, you probably don’t believe that something as small as a piece of malware could threaten your business. After all, what could you possibly have that malware could want? And why would a hacker pick on you when they have so many bigger fish to go after?
Maybe this story will change your mind. A very small, nine-person business in southern California recently announced that it would have to close down suddenly and permanently after a small piece of malware known as a banking Trojan managed to slip on to the computer of one of its employees.
Many years ago, a bar owner shared with me the tale of how he was losing so much money in one of his bars he had to hire a loss prevention specialist to pose as a customer and watch his staff for any signs of financial impropriety.
The undercover customer spent nearly a month visiting the bar (what a job!) and reported back that he found nothing was amiss. He said he watched all the cash registers for four weeks and didn’t see one suspicious transaction at any one of the four registers.
In a recent interview with Barry Moltz on Blog Talk Radio, Neill Feather, President of SiteLock, responds to the growing concern, particularly for small businesses, of website risks and how adding website security can protect online businesses and their reputation.
The fact is that small businesses are increasingly a prime target for cyber crime. Case in point – Neill references a recent study by Verizon that states that 95% of online businesses that are attacked by hackers have fewer than 100 employees. And the number of attacks continues to grow each day.
Ever heard the saying “if you fail to plan then you plan to fail”? This is just as true in security as it is in business, and the lack of a clear plan to protect your business from cyber risks usually results in no real protection at all.
An information or cyber security plan is a very simple and free tool that can have a profound impact on how well your business is protected from cyber threats. A security plan is a short document, often no longer that a few pages, that outlines: