Ricochet News

Cybersecurity essentials for small business owners

By Paul Macpherson, Head of Security - Dec 5, 2017
Cybersecurity essentials for small business owners

The internet has changed the world around us for the better, both in our personal and business lives. But, with these advancements come the continued compromises of online security. Cybersecurity Ventures has predicted that cyber crime damages will cost the world $6 trillion annually by 2021.

It goes without saying therefore that online safety is a critical consideration for any business. As security becomes more sophisticated, hackers continue to attempt to breach it. This drains resources for businesses who hope to protect their interests and comply with relevant legislation.

Safeguarding against cyber attacks requires consistency, intelligence, and forethought. These five tips will ensure that your systems stay protected.

  1. Keep on top of your IT security

Staying up-to-date is an essential part of maintaining organisational IT security: the older your software, the more vulnerable it is.

Online attackers deploy sophisticated methods in their attempts to compromise systems – and outdated software is especially vulnerable. The WannaCry ransomware virus, for example, was particularly harmful to older versions of Microsoft Windows.

Whatever software your business uses, it must be as current as possible. Developers are usually diligent when it comes to addressing security flaws, but you should set your systems to automatically install updates to guarantee the right levels of protection.

  1. Install the right security software

It’s sensible to select reputable anti-malware (anti-virus) software and keep it scrupulously up-to-date. Certain tools can detect and block malware in email attachments and files before they have the opportunity to compromise your systems – preventing them from doing serious damage to your systems.

This software can be set to automatically update, ensuring that it is always fully capable of addressing the latest forms of malware.

  1. Backup key files

Backing up data is vital for any business: having more than one copy of your crucial information helps to ensure safety and security – and diminishes the risk of it being unavailable to you through ransomware attack or theft of equipment.

Store your copy of this information safely off site and ensure that you can access a recent version whenever you may need to. Doing so can minimise operational disruption so long as it is not accessible on your main network where it could be compromised through the attack you are experiencing. 

  1. Set the right passwords

Having a unique password helps prevent a compromise of one login becoming a compromise of many. Always use strong, unique passwords with a mixture of letters, numbers and symbols for each site or service you login to, and never share them. With many passwords to remember in today’s digital world, password manager software can help manage your multiple logins and makes it easy to always create strong passwords.

Using two-factor, or multi-factor authentication (2FA/MFA) wherever possible will provide an additional layer of security for your accounts. This is particularly important so far as your email account is concerned as this is usually the means to resetting your passwords for other sites, and often exploited for fraud.

  1. Raise awareness amongst your employees

Make sure your employees are aware of the risks online when going about their day to day tasks. Most hacks are conducted by compromising the individual (social engineering), rather than the system: many phishing, spear-phishing and other fraudulent attacks are achieved simply by convincing someone to hand over important information, authorise unsanctioned transactions, or simply click on a link. There are resources available online that can provide the right guidance when it comes to responsible behaviour online.

It might also be worth testing your staff to see if they can identify a fake login page or an untrustworthy email on sight.

Ultimately, cybersecurity for small businesses is a matter of vigilance and strategic investment. Cut corners and lose focus and you will suffer; pay attention and invest wisely and you will safeguard your systems.