Mary Cervantes

Mary Cervantes is a columnist for the Napa Valley Register.

J.L. Sousa/Register

Hacked emails and massive data breaches aren’t exclusive to big business. According to a 2016 State of SMB Cybersecurity Report, hackers have breached half of all small businesses in the United States.

Most small businesses cannot afford their own IT departments which makes them susceptible to internet attacks via email or fraudulent activity happening in their e-commerce shops.

Small businesses need all the help they can get.

One answer is the Small Business Administration’s (SBA) Small Business Technology Coalition.

Formed in 2016, technology companies like Microsoft, Box, Square, Google, Wix and others pledged their support to provide technology education to the SBA’s 23 million small businesses.

The SBA Tech Coalition ( is a public-private partnership designed for small businesses to access the knowledge needed on topics such as e-commerce, social media and cybersecurity.

Small businesses need to be proactive and follow the top 10 Cybersecurity tips from the Federal Communications Commission:

1. Protect against viruses, spyware, and other malicious code.

Make sure each of your business’s computers are equipped with antivirus software and antispyware and updated regularly.

2. Secure your networks.

Safeguard your Internet connection by using a firewall and encrypting information.

3. Establish security practices and policies to protect sensitive information.

Establish policies on how employees should handle and protect personally identifiable information and other sensitive data.

4. Educate employees about cyber-threats and hold them accountable.

Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites.

Hold employees accountable to the business’s Internet security policies and procedures by requiring employees sign an acknowledgement statement.

5. Require employees to use strong passwords and to change them often.

Consider implementing multifactor authentication that requires additional information beyond a password to gain entry.

6. Employ best practices on payment cards.

Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used.

Isolate payment systems from other, less secure programs and do not use the same computer to process payments and surf the Internet.

7. Make backup copies of important business data and information.

Regularly back up data on all computers. Back up data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud.

8. Control physical access to computers and network components.

Prevent access or use of business computers by unauthorized individuals. Administrative privileges should only be given to trusted IT staff and key personnel.

9. Create a mobile device action plan.

Mobile devices can create significant security and management challenges, require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks.

10. Protect all pages on your public-facing websites, not just the checkout and sign-up pages.

The FCC’s cybersecurity hub at has more information, including links to free and low-cost security tools.

The Napa-Sonoma Small Business Development Center at Napa Valley College provides workshops and one-on-one advising to help small businesses be successful.

For more information contact Valerie Bible at 707-256-7250 or go to

Mary Cervantes is the business services director for Napa Valley College Napa-Sonoma Small Business Development Center. Reach her at 256-7253 or