Small businesses have many challenges to navigate these days, between recovering from pandemic-era losses and supply chain setbacks, to finding enough qualified workers to fill key positions. The last thing they need is to become a victim of scammers and other criminals, many of whom may try to exploit some of these very challenges.

To help keep your company safe from both digital and physical threats, implement the following six security practices:

1. Help Ensure That Computers and Networks Are Protected

Use current, updated security software and firewalls. Make sure operating systems and web browsers are kept up to date. Keep all software updated, since outdated versions may have vulnerabilities that can be exploited by data thieves. Use passwords on company computers and change them regularly. Ensure that only the appropriate staff have access to them.

It's a good idea to have employees change passwords every few months, and require them to use unique passwords they aren't using elsewhere. You might even have your IT department assign them specific passwords and have them use multi-factor authentication.

2. Take Precautions to Help Protect Mobile Devices

Mobile devices have made security trickier for businesses, so you'll need to take some extra precautions.

"Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network," according to the FCC.gov website.1 "Require users to password-protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment."

In some cases, it might be best to restrict employees from using personal devices for work.

3. Limit Access to Sensitive Information and Valuable Products

Access to any sensitive information or particularly valuable products (such as those you would keep locked in a case) should be limited only to those who need to have it to do their jobs. Assign passwords and/or keys to specific people and make them fully responsible for them.

The Federal Communications Commission (FCC) suggests not providing any one employee with access to all data systems and not allowing any software to be installed on any machines without explicit permission.

4. Set Up a Virtual Private Network

A virtual private network (VPN) is an encrypted connection that can help ensure that data is safely transmitted throughout a network and to/from devices. This can help keep your information safe, particularly when employees are working remotely, since outside parties won't be able to see traffic on the VPN. If you or employees are working from home or while traveling, a VPN is highly recommended.

5. Don't Neglect Physical Security Measures

While many of your security measures will be related to data and digital security, physical security is obviously crucial as well. Use cameras where money is kept or exchanged, as well as at points of entry/exit to your business. Have an alarm system installed, and develop policies for emergency situations, such as robberies.

Just being present by walking around the workplace shows that you are there and paying attention. This could help deter criminal activity.

6. Keep Staff Trained

Make sure you keep employees trained on anti-theft practices, especially where digital security is concerned. Things change frequently when it comes to cyberthreats. There are always software updates and new attacks and vulnerability exploits. Stay informed yourself and pass on that knowledge to your workers so they can be on guard.

"With more and more employees working remotely or going back and forth between the office and their home on a hybrid work schedule, the likelihood of cybersecurity issues has increased," says Jesse Relkin at BPlans.2 "The easiest way to mitigate these risks is to implement employee security awareness training updated at least every year to include the latest cybersecurity risks."

Make sure new hires are always made aware of what is expected of them so there is no confusion and that all employees know the proper procedures. Send out reminders from time to time.

It's imperative that you take the security of your business seriously because otherwise, you might be putting valuable data and assets in jeopardy. Chances are you've experienced enough setbacks over the past couple of years. Don't leave the door open for new ones.

1. https://www.fcc.gov/general/cybersecurity-small-business

2 .https://articles.bplans.com/cybersecurity-best-practices/

The information provided is presented for general informational purposes only and does not constitute tax, legal or business advice. Any views expressed in this article may not necessarily be those of Nevada State Bank. Nevada State Bank is a division of Zions Bancorporation, N.A. Member FDIC