Cyber Security - small business guide

May 8th, 2019

/, Cyber Security/Cyber Security – small business guide

Protecting your business against cyber attacks is easier than you may think. Simply apply these tips displayed in our infographic, approved by the National Cyber Security Centre at GCHQ, to your day-to-day and let prevention give you peace of mind.

Cyber security small business guide infographic

Cyber Security
small business guide

Back up your data.

Schedule regular backups as part of your business as usual processes. Backups give you peace of mind that you won’t lose those important files and data in the event of a virus, fire, theft, flood or general damage. It’s equally as important to test your backed-up files regularly too and make sure they can be restored.

  • Review the documents you need to back up. For most businesses this includes photos, emails, calendars and contacts – all the things stored in shared folders
  • Use a portable back up drive. Check the device containing your back up is NOT permanently connected to the PC that stores the original files physically or across a local network
  • Don’t discount the Cloud. Backing up your data to the Cloud gives you access anywhere at any time. It also removes the need for storage at your business, reducing risk further

Protect your passwords.

You don’t need us to tell you how important passwords are in protecting your data, you use them daily for business as well as personal reasons, but are yours as unpredictable as you think? Protecting your passwords is just as important as the password itself.

  • Encrypt your laptops, Macs and PCs or use encryption products that prompt you for a password to boot. Finger recognition/PIN protection for mobile devices and phones also prevents third party access
  • Turn on two-factor authentication (2FA) for email and important sites such as banking or those where you have an account
  • Avoid personal passwords. We mean those that include names of family members, pets, holiday destinations or those that are easy to guess such as passw0rd or secr3t
  • Only change your passwords when you suspect they’ve been compromised. There’s no need to update them too regularly
  • Use a password manager tool, ensuring that the master password (used to access all your other passwords) is the strongest
  • Ensure you change your device passwords supplied by the manufacturer before they’re given to staff
  • Help staff reset their passwords securely and easily. Provide secure storage units so staff can write down and store their passwords

Keep your smartphones safe.

It’s not just desktops that need your protection, your devices do too – especially those used outside of the office, on site or during a commute.

  • Use fingerprint recognition/PIN password protection for all mobile devices
  • Automatically update your devices with the latest software and app updates
  • Activate tracking tools to help find your devices if they are lost or stolen
  • Send sensitive data securely. Don’t use public Wi-Fi hotspots, use 3G or 4G connections or use VPNs
  • Update devices that are no longer supported by, or under warranty with, manufacturers and replace with up-to-date alternatives

Prevent phishing attacks.

Stop scammers sending dodgy links and requesting sensitive information – block their routes to your inbox.

  • Reduce the impact of successful phishing scams, set admin permissions on PCs so staff don’t browse private email accounts or browse the web
  • Change passwords on first suspicion of on attack and scan for malware as quickly as possible. Encourage staff to report scams to raise awareness of the techniques used
  • Spot the signs of phishing. Check the sender’s email address is legitimate and not imitating a genuine contact. Poor spelling and grammar and low-quality logos are a clear giveaway of foul play

Be mindful of malware.

Malicious software and viruses damage your systems as well as your reputation. But you can protect your business with a few simple techniques that won’t stretch your budget.

  • Create a barrier between your networks and the internet – turn your firewall on
  • Manage access to removeable media, USBs, portable hard drives and SD cards, limit access to sanctioned media and disable ports. Consider cloud storage and transfer media by email
  • Install approved antivirus software on PCs, laptops, tablets and devices and don’t download third party apps from unsecure sources
  • Automatically update your software provided by manufacturers

For more tips and information visit www.ncsc.gov.uk

Check out our Cyber Security Action Plan
2019-05-08T04:24:06+00:00

About the Author: