With most businesses these days having an online presence, or using online services to fulfill many functions, it has meant that incidences of cyber crime have soared in recent years. Not only is cyber crime disruptive to any business, but it’s estimated that small businesses alone are losing up to £800 million annually from such attacks. Fortunately, there are lots of measures any business can take to reduce their cyber risk. Here are ten tips worth implementing.
#1 – Keep on top of updates
One of the easiest but most important strategies you should take is to ensure all your anti-virus, anti-spam and firewalls are all regularly updated. Make sure you update the security on all your software, including mobile technology, regularly, as well. If you ensure you are fully protected, then it makes it harder for hackers, spam-bots and viruses to enter your systems.
#2 – Passwords
Password protection is vital against cyber threats, so always choose passwords that would be difficult to guess. Always use passwords for your wireless network. Change passwords regularly, especially if any staff leave their job.
#3 – Back ups
Make sure you regularly back up all of your data, so that you reduce your risk of losing anything should a cyber attack take place.
#4 – Staff guidelines
Implement stringent guidelines to give to your staff with regards to how they use data and the internet or mobile devices. Hold training sessions with your staff on a regular basis to educate them about reducing security threats. Have an open door policy, so that if any staff members think that fraudulent activity is taking place by other staff, they can discuss it in confidence with you.
#5 – Security checks
When you’re hiring new staff, especially those working on a temporary or casual basis, undertake basic background checks and get references to check they have not been associated with any previous fraudulent behavior. This is particularly important if these staff will be dealing with any financial aspects or sensitive data.
#6 – Dedicated computer
If resources allow, it can be beneficial to dedicate one computer for all of your financial transactions only, which will make it less vulnerable to attacks than if you shared one for use with other internet activities such as social media.
#7 – Cyber policy
If you take the prospect of a cyber attack seriously and put measures into place of how you would deal with one, if it occurred, then knowing how to handle it will help reduce the impact if it did happen. Review your cyber policy regularly and test the effectiveness of your disaster recovery plans.
#8 – Separate banking
Don’t keep all of your finances in one account, and always have a separate account and credit cards for personal banking and business. Avoid giving your card details to other members of staff.
#9 – Cloud services
If you use cloud services in your business operations, be extra vigilant and only use a reputable service provider.
#10 – Insurance
Whilst having an insurance policy in place that covers you for cyber crime and fraud won’t necessarily stop it from occurring in the first place, it will help cover any costs or damages incurred if it does happen. Always check your policy cover and keep it updated.
If we have overlooked any important tips, when why not add them by commenting below! We welcome your feedback and views, so please take part in the conversation.
Comments on this entry are closed.
These are great tips and serve to remind us that we must always be prepared for worse case scenarios.
I agree that backups are essential. I think redundancy in backup is especially crucial; companies should have online backups as well as external backups. For extra safety, they should store the backups offsite in a secure location, otherwise there is the risk from thefts and break-ins.
The mobile security is very important too and employees should all have password protected phones and remote lock and locating.
Thank you for your reply Phyllis. Glad you agree! Definitely, backups are a must have!
well you can start by ensuring you have a safety feature on the computer you are using and ensure you don’t post information ( personal ) ,
Might be difficult to implement in reality though right?
Cloud services are getting more and more important with each passing day for competitive advantage and yet we risk data or instance of data passage to be hacked.
It is a thin line between cost effectiveness (read cloud service usage) and security of data/information. The good news though is that with cloud becoming the rage, the security around the cloud services will also be soon.
Yeah agreed, I can imagine that there is a tonne of money being pumped into these services at the moment. I for one look forward to the day where 2 factor authentication is the standard (like on Googles products).
Good point, oivas. Cloud services are a great convenience, but we do have to be mindful of the security risks. I think it’s important to encrypt the files before storing them on any online service. Businesses especially should consider opting for this to protect their data or at the very least to make it much less vulnerable. There are some free software programs that make encryption a relatively easy process.
Very useful tools here! I especially like the idea of a separate computer for financials – added to the separate banking. By isolating the business’s finances to one home computer with limited access – an owner is almost given a double layer of protection. As far as business financials – paying bills, etc – one person should manage that. The old adage of ‘less hands in the cookie jar’ would apply here.
At my last place of employment, the register was through a POS on a laptop backed by a cloud service. To reduce threats, there were only two of us with access. The owner and myself, the manager. This lessened errors in transactions – which was a concern since all daily monies, etc went through that laptop.
Thanks for your comment!
These are among the most useful tips that anyone could provide for cyber risk assessment and security breach prevention. Any Loss prevention or cyber center in a company would do well to pay attention. The password changing concept is especially vital. Change those passwords periodically, change them!
#2 Password protection is very important. But even more so is choosing a password that is extremely difficult to crack.
A few months ago when WordPress sites were getting hacked at an incredible rate, one of the best things you could do was choose a no-nonsense password. That’s when I started using a site called StrongPasswordGenerator.com to come up with some doozies. It’s a javascript program that puts letters, numbers and symbols together. The default setting is for 15 characters, which is awesome for any application.
Also, if employees have laptops they take home, you may want to check out TrueCrypt.org. This is a free, open source program that can encrypt certain files on your system, or even your entire system. I like it because, you never know when a laptop is going to get lost or stolen. As the old saying goes, better to be safe than sorry.
Great tips, Mobowen. I agree, having long passwords that are difficult to crack is extremely important. I have also been using that site, StrongPasswordGenerator.com. Additionally, I check my existing passwords and make modifications as needed with PasswordMeter.com. It’s another great online tool.
As for laptops, companies and individuals should also look into getting some kind of protection against theft such as LoJack for Laptops and Remote Laptop Security.