10 steps to protect your operation against cyberattacks

I just finished writing an article about cybersecurity targeted for a wider processing audience, and even though they didn’t put a strict word count on me, there simply wasn’t enough room for the article to get down into the weeds of prevention, particularly for the small processors.

If you read the article (coming soon to ProvisionerOnline.com, and will be linked here), you should come to realize that no one is immune from cyberattacks these days. The belief that “I’m too small to be noticed or hit hard,” is misguided at best and a crock at worst.

So, exactly how does a small operator protect itself from cyberattack?   

Here are my top 10 thoughts on what you can do:

1) Use real passwords.  A minimum of 12 digits, use numbers, special symbols, caps, etc.  Do NOT share them!  Change them often.

2) Use a network firewall on your incoming Internet connection, not just a router — and don’t rely on the Windows computer firewall as your only line of defense.

3) The QuickBooks computer needs to be on its own network and only limited people can have access to it!  Encrypt your data!

4) If you have WiFi for your customers, keep it on a separate, isolated network.

5) Limit the duties or capabilities assigned to in-house computers.  If you have a smokehouse computer, for example, then just use it for the smokehouse, not for surfing the Internet!

6) Update your computer operating systems!  Security updates are often deployed based on an active threat.

7) Segment your network. Your guest access WiFi, for example, should not be connected to your main network, and your finance/point of sales system should have its own network. Everything should be siloed so that the bad guys can’t take everything down in one or two shots.  Computers used to connect to email, surf the Web for research/social media, etc., should be isolated to a separate network and should be identified in your firewall as high-risk devices.

8) Have an outsourced IT expert review your setup; and when you look at the ROI on this move, imagine having to replace every computer in your shop, the lost time, the lost customers, etc., versus what becomes a minimal cost of having an expert set up and maintain your systems.

9) Look at your options and determine what your level of risk is.  If you are a super-small shop with two computers and a basic Internet connection, it might make the most sense to simply add a firewall box. You can get one with a very good next-generation firewall for less than $300.

10) If an employee leaves your company and they had access to your networks, you need to change the passwords ASAP!

At the end of the day, cybersecurity information can appear overwhelming — there is a lot of information on how to protect your business — but you must educate yourself and your team.  Make sure your team understands that your business systems are not meant to be used for surfing the Web and that passwords cannot be shared.  Finally, at the absolute very least, please run virus/malware protection. Windows ships with built-in security tools, please use them!

— Andrew Lorenz, president, We R Food Safety!, andrew@werfoodsafety.com