Thinking about managing your tax bill before December 31? Download our 2024 Year-End Tax-Planning Guide here for tips and guidance.

Protecting Your Business from Cyber Threats

image015

Risk management is a key component in any successful business plan. In today’s world–where data breaches are common occurrences–it’s especially important for business owners to understand the digital risks they face. Are you doing all you can to mitigate the risk of a cyber attack?

Understanding the risks

Many small-business owners may think their organizations hold little appeal to hackers due to their small size and limited scope. However, according to the Small Business Administration (SBA), this naivete may actually make them ideal targets. Small businesses are keepers of employee and customer data, financial account information, and intellectual property. Their systems, if not adequately protected, may also inadvertently provide access to larger supplier networks. “Given their role in the nation’s supply chain and economy, combined with fewer resources than their larger counterparts to secure their information, systems, and networks, small employers are an attractive target for cybercriminals,” reports the SBA on its cybersecurity website.

Consider the following tips compiled from information supplied by the SBA, the Federal Trade Commission (FTC), and the Federal Communications Commission (FCC).

Cybersecurity tips

1. Assess: To protect your organization, you must first understand your vulnerabilities. How are your systems protected? Do you collect and store personal information of customers and employees, such as credit-card information, Social Security numbers, and birth dates? If so, how is this information stored and who may access it? Do you have a Wi-Fi accessible to employees and customers? How do your vendors and other third-party service providers protect their information? It may help to engage a professional to help identify your risks.

2. Protect: Ensure you have firewall and encryption technology protecting your Internet connections and Wi-Fi networks. Make sure your business’s computers have antivirus and antispyware software installed and updated automatically. Require employees and others who access your systems to use complex passwords that are changed regularly. Keep only personal data that you actually need and dispose of it securely as soon as it no longer serves a business purpose. Back up critical information and data on a regular basis, and store the backups securely offsite. Assign individual user accounts to employees and permit access to software and systems only as needed. Be especially cautious with laptops and company-assigned smartphones. Question third-party vendors to ensure that their security practices comply with your standards.

3. Document: Establish clear security policies and procedures and put them in writing. Cover such topics as handling sensitive or personal information, appropriate use of Internet and social media, and reporting vulnerabilities. Clearly spell out consequences for failing to follow the policies.

4. Educate: Develop a mandatory employee training program on the importance of cybersecurity. Explain the basics of personal information, as well as what is and isn’t acceptable to post on social media. Employees could unknowingly release information that could be used by competitors or, worse, by criminals. Ensure that employees understand the risks associated with phishing emails, as well as “social engineering”–manipulative tactics criminals use to trick employees into divulging confidential information.

For more information

Business owners who want to learn more can find a wealth of helpful information online. In addition to visiting the SBA’s cybersecurity website, business owners might want to review “Protecting Personal Information: A Guide for Business” and “Start with Security: A Guide for Business,” both available on the FTC’s website.

 
Prepared by Broadridge Investor Communication Solutions, Inc. Copyright 2016

footerlogo

Securities offered through Emerson Equity LLC. Member FINRA/SIPC. Advisory Services offered through EagleStone Tax & Wealth Advisors. EagleStone Tax & Wealth Advisors is not affiliated with Emerson Equity LLC. Financial planning, investment and wealth management services provided through EagleStone Wealth Advisors, Inc. Tax and accounting services provided through EagleStone Tax & Accounting Services.

For more information on Emerson Equity, please visit FINRA’s BrokerCheck website. You can also download a copy of Emerson Equity’s Customer Relationship Summary to learn more about their role and services.

Download our Form CRS (Client Relationship Summary) by clicking here.

Download Form ADV by clicking here.

Download Form ADV Part 2A by clicking here.

Click here to learn more about our Privacy Policy and Information Security Program.

Click here to for additional disclosures

Investment products & services are only available to residents of CO, DC, FL, KS, KY, MA, MD, NC, NY, PA, SC, VA & WA.

Licensed to sell insurance and variable annuities in the following States: DC, DE, FL, MD, ME, MI, NC, NJ, NY, PA, SC, & VA.