Headlines that talk about cyber-attacks on global names can give the impression that cyber criminals only target large organisations.
If you run a small business, you might not have the funds to spend on super-sophisticated cyber security systems. Whilst bigger companies may well have their own in-house IT team to look after cyber security and the systems they use, smaller businesses may not have these resources and may rely on basic cyber defences.
If a cyber criminal accessed your data and corrupted your system with a virus, could your business survive? What if you lost all your digital records – client details, invoices, accounts etc? Even with paper copies, that’s a lot of work to get back up and running – can you afford the time offline – and therefore cost – to put things right?
Here we share eight simple steps to help protect your business from cyber threats:
1. Create a regular backup schedule for your company data
By regularly backing up your data to a separate, secure location, if you do suffer a cyber-attack, that back-up could allow you to quickly restore your system and minimise lost business time.
2. Create an Incident Response Plan
Having a plan to deal with the aftermath of a cyber-attack will help you minimise the impact and recover as quickly as possible.
3. Adopt multi-factor authentication (MFA)
MFA gives an additional layer of security by requiring users to provide two different methods of identification. This usually takes the form of entering a password and then having a code sent to your phone.
4. Restrict access to what’s necessary
Decide what access controls your users need so they can access only the information and systems required for their job role. Apply restrictions to prevent users downloading third party apps as these could result in a malware attack.
5. Keep systems and devices up to date with automatic updates
Enable automatic software updates on your devices, apps, and browsers.
Security updates are designed to keep your cyber protection up to date against new and emerging threats. Turning on ‘automatic updates’ in device, app and browser settings, where possible, means you don’t have to remember to apply updates. It’s also important to disable or remove any unused extensions, apps or services.
6. Make use of anti-virus software and firewalls
Most operating systems come with built-in anti-virus software. If upgrading to a paid-for solution isn’t an option, or appropriate for your business, make sure you take advantage of the built-in options and that it’s installed on all computers and laptops.
Separate to anti-virus software (and the two are often confused), a firewall can be a program or a piece of hardware that monitors the traffic coming into and out of your network and creates a barrier that can block viruses and attackers. Again, most systems come with a firewall installed, so it can be just a case of making sure it’s switched on.
7. Educate your staff to be cyber aware
Making sure your team can spot a malicious email or recognise a potentially dangerous attachment could save your business from a cyber-attack. Keeping these skills up to date as new threats develop is also key.
8. Get password savvy
Use some simple techniques to create passwords that are memorable to you, but hard to guess. Passwords ideally need to be 12 characters or longer – and can be a phrase broken up with numbers or punctuation marks. You can make use of your web browser to store passwords – just follow the prompts when logging into an application. There are also standalone password managers that can help create and store strong passwords.
To find out more about putting a cyber prevention plan in place, talk to our friendly team.