10 Security Questions from Small Business Owners

Common IT security questions that business owners are asking and answers from managed IT services experts.

Because of widespread data breaches, ransomware, malware, and other security issues in the business world today, our Managed IT Services team gets frequent questions from customers regarding various security concerns. To address some of these, we have created a list of the 10 most common IT security questions we get from business owners along with our answers:
 


1. How can I tell if an email I received contains a virus or malware program?


The easiest way to spot potential viruses or malware programs in an email is to analyze the email address:

  • Is the email unfamiliar? 
  • Does the email include an attachment? 

If the answer to these questions is 'yes,' this should raise a red flag! The best method to prevent an attack from malicious software is to never open any attachments from unknown email addresses. You should then block and delete the email.  
 
When in doubt, toss it out! If the suspicious email is legitimate, the sender will likely email you again or reach out using a different form of communication. 


2. How do I know my data is secure “in the cloud”?

 

We hear this concern frequently from our customers: "How do I know my data is safe if I can't see it?" Rest assured, Microsoft's data centers are infinitely more secure, both physically and virtually, than any of the IT security measures that a small or medium-sized business typically has in place for their servers.
 
Hosting your servers in the cloud provides numerous benefits over the "on-premises" infrastructure that you host at your office location. While cloud servers incur month-to-month hosting fees, there are no up-front expenses, no ongoing maintenance costs, and no replacement hardware costs.  

You can learn more about recent cloud computing trends and their impact on businesses here.
 


3. What is ransomware?

 

Ransomware is a piece of malicious code, written by the scum of the earth, that is snuck onto your PC (mostly through email). Once the ransomware is on your PC, it starts to encrypt your essential files, locking things like customer documents, finance documents, HR documents, and more.

Most of the time, you will notice when it happens because you will see a new window pop up on your PC demanding money to receive the unlock password. And sometimes they don't even send you the password once you pay them.


Unless you regularly back up your documents and train your staff on how to avoid email scams, you might find yourself in a tight spot with ransomware. Learn more about the fallout ransomware can cause in our article, The Top 5 Cyber Threats Facing Businesses.


4. I have ransomware, and I didn't back up my documents. What should I do now?

 

There is no easy way to say this. If you are not backing up your documents, you are playing Russian Roulette with your important files! Once you have ransomware, there is next to zero chance you can recover your data without paying the ransom. Click here to get in touch and get help now.   


5. Why are small businesses being targeted for cyber-attacks over large corporations?
 

Unfortunately, small businesses don't have the cyber-security resources or expertise at their disposal that the large enterprises do. Think about it this way. Who would a thief rather steal from? A single wealthy person surrounded by bodyguards with lots of guns? Or 100 distracted unarmed people with their wallets exposed? You can hire a managed IT services company to help protect your small or medium-sized business from IT security vulnerabilities.


6. What is an email phishing scam and how can I avoid it?

 

Phishing is the practice of sending fraudulent emails that look like they are from a reputable source. Phishing emails are meant to persuade the recipient to reveal personal information such as login credentials or credit card numbers. 

Asking yourself the following questions can help you avoid falling victim to an email phishing scam: 

  1. Why am I receiving this email?
  2. What is it asking me to do?
  3. What is the sender's email address (not just the sender's name)?
  4. When hovering the cursor over the link (whether it's text or an image), what is the website URL displayed? This is the link you will visit if you click.

Learn more about How to Recognize and Avoid Email Phishing Scams.
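
The checks from questions 1 and 6 (unfamiliar sender address, attachment, sender name versus real address, link text versus the URL it actually opens) can be run mechanically over a raw message. The following is an added example, not code from Bit-Wizards; the function names, the known-senders set and the sample message are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser

class LinkCollector(HTMLParser):  # gathers [visible text, href] for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append(["", dict(attrs).get("href") or ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][0] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

HOST = re.compile(r"(?:[a-z][a-z0-9+.-]*://)?(?:www\.)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?=[/:?#]|$)")

def host_of(value):
    """Host of a URL or bare domain ('www.' dropped); None for ordinary text."""
    m = HOST.match(value.strip().lower())
    return m.group(1) if m else None

def review_email(raw, known_senders):
    """Return the checklist items (questions 1 and 6) that a raw message trips."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg["From"] or ""))
    addr, flags = addr.lower(), []
    if addr not in known_senders:
        flags.append("unfamiliar sender address: " + addr)
    shown = re.search(r"[\w.+-]+@[\w.-]+", name)  # an address typed into the name field
    if shown and shown.group(0).lower() != addr:
        flags.append("sender name shows a different address")
    if next(msg.iter_attachments(), None) is not None:
        flags.append("has attachment")
    body, parser = msg.get_body(preferencelist=("html",)), LinkCollector()
    parser.feed(body.get_content() if body is not None else "")
    hosts = [(host_of(text), host_of(href)) for text, href in parser.links]
    flags += [f"link text {s} goes to {r}" for s, r in hosts if s and r and s != r]
    return flags

SAMPLE = EmailMessage()  # constructed message, not a real email
SAMPLE["From"] = '"accounts@example-supplier.test" <invoice@mailer-7731.test>'
SAMPLE.set_content('<a href="https://pay.mailer-7731.test/x">www.example-supplier.test</a>', subtype="html")
SAMPLE.add_attachment(b"constructed", maintype="application", subtype="zip", filename="invoice.zip")
print(review_email(SAMPLE.as_string(), {"accounts@example-supplier.test"}))
```

A link whose visible text is ordinary wording ("Click here") is not flagged by the host comparison, so the hover check in item 4 still applies to those.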
 

 

7. What is the safest way to store passwords?

 

You should always store your passwords within a password vault, or password manager. Using this method will allow you to have one "master" password to remember, which will allow you to access all of your other passwords safely and securely. We recommend the password vault LastPass.


8. What is two-factor authentication?

 

Two-factor authentication is a secondary layer of security requiring proof (other than your password) that you are really you, and not an attacker attempting to gain access. For example, if your Twitter account has two-factor authentication configured, you may be required to verify your identity by inputting a code that was texted to you. Learn more about staying safe online.
 

 

9. Is it safe to use public Wi-Fi?

 

Absolutely!  Who doesn't love free Wi-Fi?  But nothing is ever free, right?  

When you are sitting at Starbucks or the airport using the public Wi-Fi, you want to make sure that you are extra cautious. We suggest that you avoid accessing your critical accounts such as banks, credit cards, personal information, or even work information. If you do, you run the risk that every other device connected to that Wi-Fi can access, view, and capture your information. Protect yourself by using a VPN while on public Wi-Fi.


10. I purchased an anti-virus from BestBuy. Doesn't that keep my network safe? 


Think of network security like going scuba diving with sharks. Consider that your anti-virus is your air tank. You might be able to breathe, but without a mask, fins, or speargun, you're still at risk of being attacked.

Having anti-virus software is a good start, but network security is a multi-prong approach that requires various tools to ensure that you're protected. Hiring a managed IT services provider can keep your business safe through enterprise-level anti-virus, the management and monitoring of a hardware firewall, switch, and router, and the application of advanced threat protection for email.
  
Additionally, top-notch managed IT services teams (like the one here at Bit-Wizards) are comprised of highly trained, expert-level engineers. We have a diverse team of people with in-depth knowledge across a variety of specialties. Our engineers can help you with any IT-related question you might have, at any time. Get started today.

Author

Wiz E. Wig, Mascot & Director of Magic