By Ken Norvell

The hustle and bustle of the holiday season is approaching fast. With Black Friday and Cyber Monday around the corner, local shops, restaurants and e-retailers alike need to properly prepare their systems for the surge in business.

Oftentimes, retailers’ sole priority is making sure the shelves are stocked with the trendiest gadgets, toys and clothing. But this is where a business can find itself in trouble. As consumers head out to get gifts and mingle with family, holiday hackers are also busy getting ready to cash in on a business’ security mistakes.

Aside from the frustrations a cyber breach can cause, they can also harm a business’ reputation, which is why it’s important that local businesses, not just the large retailers, are alert and prepared.

Below are six precautions all businesses should take to help keep its data and its customers’ data safe this holiday season:

  1. Double check software – We’ve all been guilty of ignoring a software update on our phone, but these updates are essential to maintaining proper security. Much like our smartphones, computer systems need to be updated regularly as well. The updates help to resolve any vulnerability in the software and security patches, so it’s essential that these updates be processed properly.
  2. Educate employees – Viruses can occur in many ways, and sometimes they infiltrate a system because of an error from an employee. Email is key to business operations these days, but with that comes risks, such as malicious phishing scam emails. Clicking on a link in one of these emails can cause your system to be hacked, ultimately putting your customer data at risk. Talk to your employees about best practices for email usage. The most important thing to explain is to avoid opening or clicking links from unknown senders. Keep an eye out for sloppy typos or grammatical errors, as these could be signs of a spam email.
  3. Strong passwords – Businesses should be changing their passwords regularly as hacking software can test up to 10 million password combinations in seconds. When protecting data most appealing to hackers such as billing, tax and credit card information, businesses can consider using a two-factor authentication method or a secure password generator. It’s important that all devices that have access to private information are password protected; this includes work stations and employee devices. There should be a lock screen in case the device gets tampered with, lost or stolen.
  4. Card Skimmers – We often hear about card skimmers being attached to credit card devices at businesses that don’t have a lot of close surveillance, such as gas stations. But, the holiday season can cause cyber criminals to take more risks, such as attaching these devices to grocery and retail store checkout stations. Let your employees know they should report any unusual lingering near check out stations and to keep an eye out if the card station acts up.
  5. Back up data – After businesses suffer a cyber attack, they usually find that a lot of the stolen data could have been protected and restored if it had been backed up. For example, Ransomware viruses hold a computer’s data hostage until a ransom is paid (if they give it back at all, most take the payment and never return the data). If a business had the computer data routinely backed up, they could forgo the risk of paying the ransom. Not only are routine back ups essential when it comes to cyber security, it’s helpful for disaster recovery (floods, fire, storm damage, etc.). All data should be backed up onsite and offsite, and tested regularly.
  6. Plan for the worst – No one wants a cyber breach, but as cyber criminals continue to fine tune their skills, and we as a culture continue to embrace the digital sphere, businesses should have a plan if a data breach was to happen. The action plan should include working with an IT expert to restore data and system security, alerting stakeholders, and sharing details about next steps.

Though major retailer breaches make headlines, small and medium-sized businesses are popular targets for cyber criminals.  All businesses should take the proper steps necessary to keep cyber criminals at bay.

Ken Norvell is the owner of  CMIT Solutions, Pleasanton, which provides IT support to small and medium-sized businesses throughout the area.