Keep your business safe from cyber threats
As we get ready to wind down 2020 ( or forget it) and enter the New Year, our focus can shift away a little, our heads can get lost in functions, parties and relaxing. Cyber Criminals prey on this attitude at the end of a year and start to phish for the easy targets.
As such it is important to protect your business against cyber security threats and make the most of the tools available to you.
The online world offers us the potential for reaching a broader customer base and sometimes even save on admin or supply costs.
However, the world of online business can bring the potential for frauds and security risks. A single successful attack could seriously damage your business and cause financial burden for you and your customers, as well as affect your business’s reputation.
There are tools and processes you can put in place to safeguard your business from cyber threats.
Below are some simple steps that you can take to help protect your business and keep customer trust and confidence.
Back up data
Those of you who have read my articles and seen my presentations over the last 2 years, would have heard me bang on like broken record about backing up.
It is essential that you regularly back up your important data and information, from financial records and business plans to customer records and personal information.
This will lessen the damage in case of a breach or computer problem. Fortunately, backing up your data is cost-effective and easy.
It is an innovative idea to use multiple back-up methods to help ensure the safety of your important files. A good back-up system typically includes:
• daily incremental back-ups to a portable device and / or cloud storage service
• end-of-week server back-ups
• quarterly server back-ups
• yearly server back-ups.
Make it a habit to back up your data to an external drive or portable device like a USB stick.
Store portable devices separately offsite and do not leave them connected to the computer as they can also be infected from a cyber-attack. Having a copy of your data in a separate location will let you recover information quickly and easily in case of any data loss.
Secure your computer and devices
Small pieces of software known as malware or viruses can infect your computers, laptops, and mobile devices. Install security software on your business computers and devices to help prevent infection and ensure it includes anti-virus, anti-spy ware and anti-spam filters. Make sure that you set your security software to update automatically as updates may hold important security upgrades based on recent viruses and attacks.
Set up firewall security to protect your internal networks. Remember to install the firewall on all your portable business devices and keep them updated and patched to prevent threats entering your network. Do not forget your mobiles!
Monitor and protect the use of computer equipment and systems
Maintain a record of all the computer equipment and software used by your business. Keep items secure to prevent forbidden access and remind employees to be mindful of where and how they keep their devices.
Educate employees on using a USB stick or portable hard drive. An unknown cyber threat can accidentally transfer from a portable device from home directly into your business system.
Remove any software or equipment that you no longer need and ensure that no sensitive information is on them when thrown out. Bet yet have them securely destroyed
Manage administrative passwords
Change all default passwords and look at disabling administrative access entirely for anyone who does not needed it to avoid an attacker from gaining access to your computer or network. Make sure you change each password to something new that cannot be easily guessed. Attackers have the potential to gain full access to your system from an administrator level account.
To reduce the risk of your computer becoming infected, create a standard user account with a strong password you can use daily.
Choose strong passwords
By creating strong passwords, you are improving your digital security.
Use passwords to protect access to your devices that hold important business information. Having a password such as ‘123456’ or worse still, ‘password’ is leaving yourself open to being hacked.
Frequently change your passwords every few months. If you use the same password for everything, once someone has your password, all your accounts are potentially under attack.
Consider using a password manager that securely stores and creates passwords for you.
Educate your staff to be safe online
It is important to train your staff on the threats they can face online and the significant role they play in keeping your business safe.
Your staff need to be aware of their computer rights and responsibilities as well as their network access usage. Be specific about the types of online practices that are acceptable when using work computers, devices, and emails.
Training staff on keeping good passwords, being aware of fraudulent emails and reporting suspicious online activity will help ensure good cyber security practices.
Put security measures in place
Have policies and procedures in place for your staff that outlines what is the accepted standard when accessing:
• data
• emails and
• the internet.
Establish a strong social media policy, which sets what type of business information your staff can share online, and where. An attacker can develop a convincing fraud tailored to your employee by building a profile from their business and personal information they post online.
Make sure your employees are aware of the policies and that they review them regularly. You may also consider refresher training in these policies to ensure all employees are aware of the IT security and data policies in your business.
Protect your customers
No matter the size of your customer information database, it is important that you keep it safe. Aside from being a huge blow to your organisation’s reputation, there may be legal consequences for losing customers’ personal information.
There are privacy laws that determine what you can do with the personal information of your customers. It is important to be aware of the Australian Privacy Principles (APPs) and have a clear and up to date privacy policy. The privacy policy outlines the information you collect, what you use it for and how you protect it. It is a clever idea, if you are online, to have this available on your websites.
Keep yourself informed about the latest cyber security risks
Online transaction issues and payment fraud can be a real concern for businesses trading online. It is important to stay informed about the latest frauds and security risks. Subscribe to the Stay Smart Online Alert Service - https://www.staysmartonline.gov.au/alert-service to receive up-to-date information on cyber security issues and solutions.
It is a scary Tech world that we live in, information is shared so easily and rapidly, and it is only increasing. Being safe and smart online will help prevent chances of your business or your personal devices becoming targets from hackers and cyber criminals!