Monthly Archives: August 2016

Know more about the business asset

Any type of revenue loss or reputational damage is worth preventing. Protecting your business against such losses means securing your employees, customers, building, equipment, and revenue-related assets.

When people think of security breaches and theft, they often imagine complex technology theft or armed robbery. But although businesses should employ the proper measures to prevent major security incidents, the reality is that those types of instances are rare. Often, revenue slips out the door simply because of poor record keeping, employee theft or lax security protocols, rather than from outside nefarious forces. Security cameras and other technologies can also help protect your company from harassment or performance issues.

While some security measures require an investment or ongoing fees, some are free and can be implemented as best practices. If you haven’t yet put much thought or investment into your business’s security, now might be the time to do so. It might even cost less than you think. Here are a few ideas and best practices to help you secure your business.

Security cameras and monitoring

The first and most obvious security investment to make for your business is to install surveillance cameras. These cameras are becoming more affordable and often can be packaged with alarm monitoring services.

You’ll want to place cameras in strategic areas, such as at entrances, over cash registers, in serving/sales areas and near expensive inventory. Your employees should know that you periodically view the recorded video. This will help prevent inventory shrinkage and discourage patrons from stealing. It also can be used to identify (and, in turn reward) high-performing employees. Some security technologies can integrate your point-of-sale (POS) system with your security cameras, such as Remote Eyes, Axis Communications, Genetec, Axxon, Cisco and 3VR.

Experts recommend finding a local vendor that can provide security consulting as well as maintenance support. These companies should also be able to provide integrated technologies, such as those that detect smoke, gas, motion and broken windows; as well as fob or card entry options. Security monitoring services communicate with your local law enforcement, usually for a small fee per year, and provide cellular systems with battery backups in case of power outages.

You can find our complete coverage of surveillance systems here.

Other security technologies

Sales Tracking

Accurate sales-tracking technologies can reduce losses caused by incorrect pricing, tax calculations, voids, duplicate orders, false sale records and more. If you have employees, these systems can help you track potential problems, such as routine voided or incorrect sales tickets. If you own a restaurant or retail store, a capable POS system can track this information for you. If you sell services, your payment processor often will provide features to help you track sales.

Inventory Tracking

Although inventory tracking is the most relevant to businesses that sell physical products, companies that sell services can also benefit from these tracking systems. For example, inventory systems can help restaurants track food inventory, vendors, waste loss and spoilage, and retail versions of these systems can track items, stock keeping units and bar codes, item descriptions, vendor information and more. Usually, businesses can enable these types of capabilities by using a POS system with upgraded inventory-tracking tools. Service businesses can use a credit card processor to track the types of services sold as well as billable hours. You can also employ technologies to track equipment and depreciated properties. Having accurate inventory information can help you quickly pinpoint areas of loss.

Employee Scheduling and Time Clocks

If you have employees, keeping accurate records can greatly improve your payroll accuracy and reduce the risk of overpayment. Some time clocks even utilize biometric technologies, such as fingerprint readers or eye scanners, that prevent employees from clocking in for one another. Many of these systems let you view employees’ schedules online and send shift-change information directly to employees’ mobile phones to help ensure that they show up for the right shifts. You can add scheduling and time clocks to many POS systems or purchase the services separately. Popular vendors include Revel Systems, NCR, Lavu, Lightspeed, ShiftPlanning, NimbleSchedule and Humanity.

You can find our complete coverage of employee scheduling software here.

Credit card and fraud protection

If you process card payments, you’ll need to carefully protect your customers’ payment information. With the recent liability shift, you — rather than the card company — can be held responsible for fraudulent charges if you are not compliant with the latest card processing technology.

The best strategy is to use a payment processor that provides the right level of security for your business. But there are also a few things you can do to add an extra layer of security:

  • Do not store credit card information yourself.
  • Upgrade to EMV chip-and-PIN card readers.
  • Provide table-side or customer-present processing.
  • Limit who is allowed to process payments using your service.
  • Maintain excellent sales records.
  • Use complex passwords, and change them often.
  • Secure the devices supporting your payment processing and CRM (customer relationship management) software using firewalls, passwords and anti-malware software.
  • Lock down Wi-Fi access, and use a powerful firewall.
  • Consult with a specialist about how you can become and stay PCI (Payment Card Industry) compliant.
  • Consider accepting other types of payments, such as mobile or PayPal payments.

Business Can Bridge the Cybersecurity Skills Gap

Cybersecurity is an important component of any company’s operations. Small businesses are especially at risk for data theft or security breaches — Keeper Security and the Ponemon Institute found that 50 percent were breached within the last year — so they need people and technology to protect their sensitive information.

But according to a report by Intel Security and the Center for Strategic and International Studies (CSIS), 209,000 cybersecurity jobs went unfilled in the United States alone in 2015. That growing IT skills gap leaves businesses vulnerable to cyberattacks and theft: More than 70 percent of IT professionals surveyed in the study said the cybersecurity skills gap in their organization has had a direct negative impact on their companies, and 25 percent said propriety data has been lost due to this gap.

“A shortage of people with cybersecurity skills results in direct damage to companies, including the loss of proprietary data and IP [intellectual property],” James A. Lewis, senior vice president and director of the Strategic Technologies Program at CSIS, said in a statement. “This is a global problem; a majority of respondents in all countries surveyed could link their workforce shortage to damage to their organization.”

Set high standards for cybersecurity jobs. In the study, which surveyed 775 IT professionals in eightcountries, nearly half of respondents cited a lack of training or qualifications as major concerns. It should not be easy to land a job in such a complex field; the report recommended redefining the minimum credentials for entry-level jobs and looking carefully at a candidate’s experience and skill set.

Not sure what to look for in your candidates? Our sister site Tom’s IT Pro has outlined the best IT certifications for 2016.

Provide additional training and education opportunities. Only 23 percent of the survey respondents said that traditional IT education programs are preparing students well enough to succeed. Hands-on training, gaming and technology exercises and hackathons may actually be a better educational resources, according to the report.

“To address this workforce crisis, we need to foster new education models, accelerate the availability of training opportunities, and we need to deliver deeper automation so that talent is put to its best use on the frontline,” said Chris Young, senior vice president and general manager of Intel Security Group.

Expand the industry. Respondents revealed that an average of 15 percent of cybersecurity positions in their company will not be occupied by 2020. The report calls for diversification of the cybersecurity field, as more than three-quarters of respondents said their governments are not investing enough in building cybersecurity talent.

Invest in the right technology. One way to help bridge the workforce skills gap is to look into intelligent security automation, said the report. Intel and CSIS advised using this type of technology to collect cyberattack data and develop better metrics to identify threats.

Do you know the best of security for your small business

Cybersecurity is no joke. Whether you have a website, online accounts or any type of Web-based infrastructure, you are at risk for a cyberattack.

Although the public typically only hears about cyberattacks against high-profile companies, banks and government websites, small businesses make prime targets for cybercriminals, competitors and disgruntled parties. Yet, due to their lack of resources, small businesses have the least-protected websites, accounts and network systems — making cyberattacks a relatively easy job.

To help you protect your business, here are 13 small-business-friendly cybersecurity solutions to get you started.

1. Comodo

When it comes to low-cost security solutions, you usually get what you pay for. Comodo is a global, award-winning security provider that offers free and affordable security tools that don’t compromise on features and reliability. Solutions include: Comodo One, the company’s free IT management platform that features Remote Monitoring and Management (RMM), Patch Management and Service Desk all in one place; Comodo Securebox to shield apps from malware-infected devices; and Comodo Advanced Endpoint to automatically prevent malware from entering networks. Small businesses can also enjoy free antivirus, free and paid SSL certificates, free Internet security, mobile device management, firewall protection, security for POS systems and many other services.

2. ESET

Looking for a single solution to cover all your bases? ESET lets you choose from a wide range of security bundles to protect your computers, mobile devices, USB drives, networks and servers. For instance, the ESET Small Business Security Pack guards Windows and Mac computers, as well as iPhone and Android phones, file servers and email accounts. The company also offers custom solutions that allows you to build the perfect security tool for your business. You can choose by product type, company size and industry. Choices include endpoint security, mobile security, remote management, two-factor authentication, encryption, file security, email security, virtualization security and more.

3. Cradlepoint NetCloud Engine (Pertino)

Virtualization and cloud computing offer many gifts, including the ability to access your desktop, files and other data anytime, anywhere using any device. Security concerns, however, can complicate the convenience. Cradlepoint NetCloud Engine, formerly Pertino, offers one easy, affordable and super-secure way to virtualize your network and your business. You’ll enjoy a VPN decked with layers of security protection, such as multifactor authentication — a combination of users’ ID, token (i.e., their device) and PKI-certificate — fully cloaked private addresses, micro-segmentation, end-to-end encryption, access policies, industry-leading cloud security, data center protection and more.

4. Lookout Mobile Security

It’s not just computers that are at risk for security breaches. Lookout Mobile Security is all about protecting your business from cyberattacks on phones and tablets. It works by predicting, anticipating and shielding businesses against all types of mobile threats, such as malware, data leakages and the risks associated with sideloaded apps and jailbroken devices. Lookout also gives you complete visibility over devices and offers advanced tools to manage risks, vet software and app vendors, investigate incidences and ensure compliance with security regulations and company policies.