being watchedCybersecurity sounds like one more thing a small business owner doesn’t want to have to think about. However, small businesses are increasingly being targeted by cyber terrorists.

Why? They have valuable data and they are generally easy targets.

But what can you do to protect yourself and your business? Carol shares her best advice in her recent post on, “7 Key Components of Small Business Cybersecurity Planning.” Carol begins:

“If you use computers to run your business, which is pretty much everyone, then you need to have at least some basic knowledge of cybersecurity best practices. I met with several cybersecurity experts to find out what small business owners should be aware of to (hopefully) avoid cyber-attacks or data loss.

Vikas Bhatia, CEO of Kalki Consulting, shared this as a general overview of what you should consider:

“As a small business owner and a cyber security professional, the simplest advice I can give is 1) get objective advice about whether losing the data you have or collect will get you in trouble, 2) keep a simple inventory of where it resides and who has access to it, and 3) make sure you follow basic technical hygiene (have different passwords for key systems, regularly update patches and antivirus systems – no matter what computer you use).”

That’s a great start, but let’s take a closer look at some of these and other key areas that you need to evaluate to keep your business safe.

1. Limit access.

Matthew Fox is a freelance IT project manager who works with a cybersecurity firm and a web development company. He suggests that small business owners ask the following: “Who has access to the data? Do they have access to only what they need to do their role? Or do they have access to everything?”

Fox believes that malware and other risks can potentially be prevented by restricting access.

2. Protect passwords.

Chris Wilken is the founder of Let’s Fix Security and Wilken Consulting. He offered these questions that small business owners should consider with regards to password management:

  1. How do you manage your passwords for the websites you use? Do you use a password management program like 1Pass? Are all of your passwords the same? If so, change them.
  2. What about your usernames? Don’t use your email as your username – pick something else.
  3. Do you use two-factor authentication? If not, look into it. It is simple to set up.
  4. Do you know if your account has been compromised? If not, use a service to find out such as

You can read the rest of the post here.