To help prevent this, large organisations carry out expensive Red Flag operations to test their cyber security. As well as attempting to hack into business systems remotely, these mock-attacks almost always include trying to trick individuals into revealing sensitive information and often physically breaking into buildings to access hardware.
This kind of testing is not realistic or even necessary for the average small business, but knowing the key entry routes for cyber criminals and how to defend against attacks, is.
These 6 simple but effective security measures will make your business a less-appealing target for cyber criminals and help keep your data safe if you are attacked.
Install anti-virus software on all of your devices
Anti-virus software is not just for computers, your phones and tablets should also be protected. Free anti-virus software is available but won’t offer the same level of protection as the paid versions.
Use secure passwords
Most of us have been guilty of re-using passwords, sometimes even for sensitive accounts such as online banking or emails. This is an incredibly risky habit. If you’re worried you won’t remember all of your passwords you can use a secure password management system such as LastPass. Password management systems also let you share log-ins with employees without ever revealing the passwords.
Protect your hardware
Three very simple steps you can take to lower the risk of theft are: don’t leave devices in a car for any amount of time, loop your bag straps around a chair leg when you’re working in a public place to avoid snatch-and-runs, and make sure your office (including your home if that’s where you work) has a security system.
If you haven’t done so already, you should install tracking software on your devices to help locate them in the event of loss or theft.
Remember that under GDPR, if a device containing personal information is stolen you will need to notify the Information Commissioners Office within 72 hours.
Keep your software up to date
One of the easiest ways to protect your business from cyber-attacks is to keep your computer systems up to date. Something as simple as hitting ‘update later’ could be putting your business at risk if the update includes security improvements. To avoid interrupting your workflow, most computers allow you to schedule updates for a specific time each week, such as at the end of the day on Friday.
Educate your employees
Human error is one of the biggest risk factors when it comes to cyber security. Your employees should know how to spot a fraudulent email, text, or online message, and should follow the same best-practices as you do for looking after hardware and backing up data. Most IT support companies offer cyber security training or you can teach yourself by reading online guides.
Back up your data
Having a back up of your data means that if you fall victim to a cyber attack your business won’t grind to a halt. You can back up your data onto external hard drives (remember to unplug them between back ups) or to the Cloud.