Cyber security guide for small businesses

posted by 3 years ago in Guide

A lack of business awareness of the Government Cyber Aware campaign has been highlighted in a new report.

Just 21 per cent of firms across the country claimed to know about the new standard despite it being released in 2013.

1,523 UK businesses were questioned as part of the ‘Cyber Security Breaches Survey 2017′, released by the Department of Culture, Media & Sport.

So, what should you know about cyber security? Here’s our guide to what you can do to protect your business…

Set up an employee internet policy

Make all staff aware of your expectations regarding cyber security. Over a quarter of SMEs (26%) say that they do not train and educate their staff on the threat of cyber security because they are “not sure where to start.” Setting up a policy for internet use and encouraging your staff to read it is a good place to start! Include advice on practices from backing up data to using passwords and keeping devices safe. An appropriate policy will help avoid phishing attacks and data theft.

Use password protection

A screen lock password or PIN on mobiles, devices, PCs and laptops will give an extra layer of protection. Change all default passwords and avoid using obvious passwords. A reset function will help your staff when it comes to remembering login information.

Back up your data

Your essential data will include emails, documents, photos and calendar entries. You need to keep these saved on a device separate from your computer somewhere that cannot be accessed by employees. Consider switching to cloud storage. A service provider will store your data on their infrastructure which means that your data is kept separately from your location.

Keep devices safe

Password protection is essential for work devices. Staff should be encouraged not to connect to unknown Wi-Fi hotspots. Apps and devices should be kept up-to-date and staff should be encouraged not to lose devices. If the worst happens and they are mislaid, it will be less of a drama if you have made sure they can be tracked and locked or wiped.

Avoid phishing attacks

Phishing attacks are emails that appear to be from a legitimate source but, when opened, can lead to compromised passwords or bank details. To prevent these attacks, all staff should be made aware of the obvious signs of phishing emails such as design quality and wording. You should give staff the lowest level of user rights for protection and report phishing attacks immediately.