January 11, 2017 | Categories: PCI Compliance Back to list

SMB Security Tips: Protect Your Business From The Internet

SMB Security Tips: Protect Your Business From The Internet

The Internet has become imperative for a business’s success. However, despite the many positives, it also leaves companies exposed to risks from viruses, malware and other online threats.

Small and medium sized enterprises might feel they are safe, but with 43 percent of attacks or – one in forty – aimed at small businesses, your company needs to do everything it can to keep it secure. The following security tips will help to better protect your business from the Internet.

Use Separate Work Computers and Devices

Ideally, business owners should have two computers: one for company-related work and another for personal matters; this should keep your working and personal life separate. However, if this isn’t practical, at least store payment details away from your company computer.

For added security, the PCI Standards Security Council advocates using a device that is reserved for payments, and only surfing the Internet on a different computer or device for added security.

Collect Payments Securely

For secure ways of collecting payments, payment gateways or a virtual terminal can be good choices; a payment gateway will also assist with your PCI compliance. However, the gateway will need to be installed and configured in accordance with the payment processors guidelines – and always check if additional security measures are needed.

To further boost Internet safety, increase Wi-Fi security by getting it configured properly, using encryption for passwords, and remember to change the password for your router. Manufacturers often use a standard password for routers – update yours so it is easy to remember, but hard to guess by potential hackers.

Use Internet Security and Firewalls

Install Internet security and firewalls on your devices that connect to the Internet and don’t depend on anti-virus as it only includes the basics of protection – install Internet security instead.

Internet security has a greater mix of features, such as a firewall and protection for your personal data; the protection levels with vary according to the brand, however, some have a complete suite that can guard your financial details and other sensitive data.

In addition, don’t overlook smartphone security. An increasing number of employees are using smart phones now, and these devices can be more vulnerable to attacks than some realize.

If your business issues smartphones or mobile devices to staff, keep these devices up-to-date with patches/software downloads and install Internet security. You should also inform staff of the protocol for downloading information while at work, or using work-owned devices outside of work hours.

Take a Layered Approach to Security

Whether a hacker is after password information, sensitive data, or wants to infect a business’s system with malware or a virus, you need to be prepared for that possibility; this requires taking a layered approach to your security, and not nearly enough small businesses do this. In fact, research highlights just how little some small businesses do to actively protect themselves from viruses, with a third of them  admitting to not having basic anti-virus, or unsure if it is installed.

It is important to understand that each SMB will have its own security challenges; conduct a risk assessment to see where your company’s potential flaws lie and build a system for both online and offline security around that – consult an expert if you need to

For a broad range of protection, draw up a list of the computers, mobile devices, routers and personal and professional data that you wish to cover and decide while security tools you are going to use. Hiemdal Security suggests starting by protecting your data, and it has a detailed cybersecurity plan available on its website that provides a good starting place.

However, creating a truly secure system means consistently updating security to guard against new threats; make security updates an ongoing process in your company to adapt to this.

Create Staff Policies for a More Secured Business

If you employ staff, introduce firm online policies if you haven’t already. Have clear guidelines on whether staff can use the Internet at work for personal use, and if they can, what they should do to lower the risk of viruses, malware etc.

If staff needs to use the Internet for work related activities such as downloading programs, opening attachments, or installing software, ensure protocols are clear and that staff knows to follow them, and introduce an email/Internet policy too.

Although such policies aren’t always popular they are imperative to Internet security, and when used correctly, an Internet policy can reduce disputes and increase productivity by minimizing staff use of Internet, email and social media while at work, while also providing guidelines on how company equipment should be used and guidelines for safely downloading software.

Have a Backup Plan

Some viruses or malware might only be a minor annoyance, however, other forms can completely devastate a system: if all else fails, your business needs a backup plan so if you are unfortunate enough to lose data, you’ll have a way of recovering it.

It is advisable to create a backup in multiple locations in case one form fails. Cloud storage is popular, and can also allow staff to access files if they are working away from the office.

In addition, it is recommended that you have a backup that is stored away from your business premises. However, whichever back up method you choose, all data needs to be stored in accordance with PCI compliance.


The Internet has opened a new world of opportunities for SMBs, but it also exposes them to threats from viruses, malware and hackers. While no system will ever be 100 percent safe, with the right security measures in place you can significantly reduce your risks of a computer becoming infected and data being put at risk.

Regularly assessing risks, having staff policies regarding the use of the Internet and email, and having a layered security system are just some of the steps your business can take to better protect it from malware and viruses. In addition, by creating a full backup plan, you should be able to limit the upheaval to your company if the worse occurs.

Get In Touch

Want to improve your payment experience?
Speak with a dedicated account manager today.

This field is for validation purposes and should be left unchanged.

Ready to get started?

Get in touch or create an account

This field is for validation purposes and should be left unchanged.