Small businesses taking small steps towards cyber security can have a big impact towards protecting their business safety online by using simple, effective cyber security strategies.
Software updates, exercising caution, training staff, and backing up data all play a part in building robust defence systems to protect your business, including your client’s data, from scammers and hackers. And they don’t have to break the bank.
The simplest steps that every business should start with are
1. Keep your applications, software and antivirus protection up to date
2. Exercise caution clicking on links or responding to suspicious emails
3. Nominate a staff member as responsible for cyber security
4. Train your staff in your business cyber security expectations (including secure password usage), and only provide access to systems necessary for their role
Software for cyber security
Software is a two-part protection. First you need antivirus protection, maybe a firewall, and definitely up to date apps and programs.
Indeed, if you do nothing else, always ensure your apps and programs are running the latest version, with the most recent updates. Developers for supported apps and software programs are constantly closing security holes or vulnerabilities so keeping things up to date is the best protection and it costs nothing.
Antivirus software protects you if your software has a vulnerability or your training and caution have failed somewhere. For a small cost, you can protect your many points of access to the World Wide Web, including your computer, phone and laptop often with the same subscription.
Caution and vigilance
Common sense is your best starting point, if in doubt, don’t.
Don’t click on that link, don’t believe the offer, don’t trust that it really is your friend or old colleague messaging you.
Practice this yourself and include it in any training you run for your staff.
Look for the spelling errors and email addresses that look just a little bit wrong. Call your friend rather than trusting that it is them offering you a great deal online. Ignore the offer that looks much too good to be true.
Unfortunately, as the hackers become more sophisticated, so must our processes. Recent business attacks pose as a trusted business contact regarding work you have received asking for payment into a different account. If you have even the slightest suspicion, contact them via known channels – the phone, if possible, to confirm the validity of the request. That few minutes can save you both a world of pain.
A person responsible, staff training and necessary access only
No amount of software or updates will protect you from all errors or deliberate sabotage within your small business. But good training and internal procedures will help.
If your business is large enough to have multiple staff online, we recommend starting with nominating one person to be responsible for your cyber security. This individual should ensure written policies, including appropriate password protection, how and where to store client data and what to do if you suspect something is wrong or breached. Staff must then receive training in their execution.
Your well-trained staff should then be given access only to the systems necessary for their specific job because limiting unnecessary access limits unnecessary risk.
Whilst not strictly cyber security, data backups should form part of your plan. While they won’t prevent hackers from accessing your data, they will ensure that you still have access to it if compromised. Backups of client files, distributor contacts or other necessary business documentation can ensure you are back up and running in days, not weeks, if systems are compromised.
Those operating in the cloud back up automatically, whilst others choose to backup to a physical hard drive. If you choose to backup to a physical hard drive, please ensure you keep a copy offsite; otherwise, you may lose your primary and secondary data records at the same time in a fire or other physical breach.
Remember: Small business cyber security strategies don’t have to be complex or expensive to be effective.