In 2017, Verizon’s Data Breach Investigation report revealed that 61 percent of all cyber attacks target small businesses and most of them go out of business within the next six months. Hackers use phishing and ransomware to steal vital information with an aim to empty bank accounts through wire transfers and access customer’s private information, commit health insurance fraud and filing false tax refunds. Sadly, small business owners still fail to understand the need to invest in enterprise-grade authentication solutions like Secure Sockets Layer certificates (SSL) and think that small operations are less attractive to hackers than their larger competitors. But it is the small and midsize businesses that are the targeted ones.

Business owners must first ensure that nothing is preventing their customers from visiting their website. Browsers help in protecting users by alerting them when a particular domain is not using encryption certificates to secure sensitive customer information like credit card numbers, passwords, and email addresses. New security protocols for SSL and Transport Layer Security (TSL) are set to take effect from March 2018 that mandate that domain validated certificates and extended validated certificates validity periods be reduced from the previous 27-39 months to a new maximum of 825 days. Google Chrome will also require all SSL and TLS certificates to be logged in order to be trusted.

The first step for every business is to prioritize the need for IoT security and identifying the number of connected devices. Most of these devices were not built keeping security on top of the mind. Updating software, backing up data and securing only authorized people from accessing these devices can make a lot of difference.