Top 10 SMB Cybersecurity Tips


After surviving COVID shutdowns and distracted customers, don’t let a cyber attack be your undoing.

The year 2020 has been full of unexpected changes for all businesses. With the quick transition to remote work, many businesses are more exposed than ever before, with budgets tightening and a focus on surviving this challenging environment. After surviving pandemic shutdowns and distracted customers, small businesses cannot afford to be caught unaware and vulnerable when it comes to potential cyber attacks.

Here are ten tips to keep your business and your team from being considered the lowest hanging fruit to cyber criminals. Sales are important but the word of 2020 is SAFETY, do not ignore it and you will move into the new year stronger than ever.

  1. Train all staff in security principles.
  2. Protect information, computers and networks from cyber attacks using widely-available defense technology.
  3. Enable a firewall at the office and all remote locations.
  4. Create and distribute a cybersecurity policy, including use of personal devices.
  5. Have and document a back-up strategy for network and endpoint assets.
  6. Protect your endpoints.
  7. Have and enforce a policy on physical security of computers and other hardware
  8. Create separate user accounts for each user in each system. Do not allow sharing of login credentials
  9. Keep administrator rights within the IT department
  10. Secure your Wi-Fi networks with encryption and complex passwords.
  11. Employ best practices on payment cards.

-Use a reputable third-party payment processor and do not store payment card information.

  • Limit access to information to only that required for staff to do their jobs. Maintain appropriate segregation of duties.
  • Require unique and complex passwords, using multi-factor authentication where possible. Consider a password manager.

If you are new to cybersecurity, or looking to ensure you have the basics covered, this should set you on the right path.  Stay tuned as we cover areas like cyber insurance, managed service providers and moving to the cloud in upcoming blogs.