A study conducted by Kaspersky, carried out at the end of 2023, revealed that 74% of small businesses in Europe suffered at least one cyber incident in the last two years. The consequences of these attacks were severe and resulted in confidential data leaks (40%), reputational damage (23%), loss of customer trust (27%) and much more. Around 13% of small European companies had to suspend certain areas of their commercial activities. Examining the reasons for these cyber incidents, it is clear that one of the main causes was the use of weak passwords or failure to update them regularly. This reason is responsible for more than a quarter of incidents in Europe (26%), second only to malware downloads. To solve this global problem, Kaspersky offers some suggestions to help strengthen small businesses’ password policies.
Create strong passwords
Firstly – and above all – create strong and indisputable passwords. Despite its importance, this obvious measure is often overlooked by employees who have to juggle countless access credentials for the variety of applications they use. Additionally, make sure passwords are robust and unique for each business service. Weak and reused passwords are easy targets for cybercriminals, who use automated tools to decipher them and gain unauthorized access to sensitive information. By encouraging employees to use complex combinations of letters, numbers and special characters, small businesses can reduce the risk of breaches.
Implement multi-factor authentication
Multi-factor authentication (MFA) adds an extra layer of security by requiring users to provide additional verification beyond a simple password. This may include biometric data, unique passcodes sent to a mobile device, or security questions. Although small businesses may find MFA complex or unnecessary, it is an essential security measure that can protect against various digital threats, such as password theft and unauthorized account access. Enabling MFA significantly reduces the risk of unauthorized access to small business accounts, even if passwords are compromised.
Regularly update passwords
Regularly updating passwords is essential to maintain security hygiene and reduce the risk of breaches. Despite their size, small businesses are not immune to cyber threats and outdated or compromised passwords can pose significant security risks. Small business owners should encourage employees to change their access credentials periodically and apply expiration policies to avoid reusing old passwords. In addition, immediate updates to access credentials must be made in the event of employee departure or suspected security breaches.
Train employees
Employee awareness is crucial for effective password protection and overall online security in small businesses. Employees must be informed about the importance of strong access credentials, the risks of sharing and the potential consequences of being victims of cyberattacks. By promoting a culture of cybersecurity awareness, small businesses can empower their resources to play an active role in protecting sensitive information and mitigating cyber threats.
Secure devices and network
Small businesses should also take steps to protect their devices and networks with cybersecurity solutions. With the increasing prevalence of remote work and cloud-based services, small businesses must ensure their devices and networks are adequately protected against malware, phishing attacks and other cyber threats. By installing reputable cybersecurity software, enabling firewalls, and keeping operating systems and software up to date, small businesses can significantly strengthen their defenses.
«In the current digital era, it is no longer realistic to assume that only large companies are the main targets of cybercriminals. In fact, even the smallest companies face significant cybersecurity risks, so they must prioritize protective measures and use solutions designed specifically for their needs. At Kaspersky, we are deeply committed to empowering small businesses with the tools and resources they need to improve their protection. We believe that companies can be, at the same time, small and safe», highlights Kirill LitvinSenior Product Marketing Manager at Kaspersky.
To learn more about the importance of protecting your passwords, click here.
Tags: Small businesses risk importance prioritizing password protection
--
