You (or your customers) might not be aware, but the Federal Trade Commission (FTC) wants to help make small businesses more secure. It offers a number of products, resources, and tools to help small businesses better protect themselves.
It’s easy for SMBs to think they aren’t going to be a target of a cyber attack when there are so many bigger fish to fry. But, the fact is that everyone is vulnerable to threats such as phishing scams, ransomware, and other cyber mayhem.
Awareness is everything
A big part of the problem is lack of knowledge of the basics by employees of SMBs. We’ve talked about some of the defenses that can be put in place, such as two-factor authentication in previous posts. The FTC site also recommends backing up crucial files to an external hard drive or to the cloud in the event the consumer gets locked out of their own network.
A little bit of knowledge and preparation through education can save both yourselves and the customer a lot of aggravation in the long run. It’s not simply enough for you as MSP, or even for the owner of the business you’re protecting to be aware. You also have to make sure all their employees are savvy too. They tend to be their own worst enemy — accidentally contaminating their own systems with malware.
It’s not simply enough for you as MSP, or even for the owner of the business you’re protecting to be aware. You also have to make sure all their employees are savvy too. They tend to be their own worst enemy — accidentally contaminating their own systems with malware.
Think of this as a cyber security course for your SMB customers. Start with the basics and work your way through to the more advanced topics. There is a guide for your customers, quizzes they can take to test their knowledge to make sure they really get it, and even videos for folks who would prefer to watch something instead of reading.
Getting down to it
The cyber security basics page outlines the easiest and simplest steps that SMB owners and their employees can take to prepare and protect themselves from attacks. Each lesson is organized with graphics to make it as non-threatening looking as possible and can be printed or saved as a PDF.
The lessons are designed to be read in a few minutes, and the entire batch could probably be finished in a single afternoon. But if you want to go the distance when it comes to end-user security training, you should look into a solution or service that will provide ongoing phishing simulation and training content.
The FTC is not the only government agency with tips. If you do a search, you’ll find additional resources at the Small Business Administration (SBA), the Federal Communications Commission (FCC), and others.
Take some time to educate SMBs about the dangers their business faces and what they can do to protect themselves. By doing this, the MSP may save themselves and their customers a lot of pain in the long run. We know there is no fool-proof security method, but there is some common sense — and that is often the most powerful tool.