Improving cybersecurity in your small business office

The recent cybercrime incident experienced by the NHS highlights just how easily an organisation can be brought to a standstill by an online attack. As the owner of an SME, you’re particularly vulnerable to this type of threat – with 60% of smaller companies going out of business within six months of suffering a cyber-attack.

Ensuring the online security of your business should be a top priority. Here’s a useful checklist, detailing vital steps to take to protect your company.

Develop staff security policies

It’s important to develop a code of secure conduct within the workplace, and ensure all members of staff adhere to it. For example, staff need to practice good password management, safe behaviour whilst online (e.g. browsing social media sites), and understand when it’s safe to open attachments in emails.

Install anti-virus software

It sounds obvious, but you’d be amazed how often this piece of advice goes ignored. Every computer should have anti-virus software as standard and it should be regularly updated – not only the programme itself, but also the database of known viruses within the programme. Many anti-virus software packages come with automatic updates, so that their database of known viruses are updated consistently, often in real-time.

Back up all data

Ransomware is a relatively new threat, in which a hacker encrypts all your data, then demands money from you in return for removing the encryption. The easiest way to avoid this is to back up all data every day. If you haven’t already, set up an automatic backup system using cloud storage or another service – this means you won’t have to worry about forgetting to do it.

Adopt the ‘micro-segmentation’ approach

According to Jason Hart, CTO  for digital security specialist Gemalto, companies need to accept that a breach of security in the 21st century is inevitable. As such, your approach should focus on how to cope with security breaches as well as on how to prevent them. The new method of managing security breaches is called ‘micro-segmentation’, which essentially involves creating lots of small walls (rather than one large firewall) around the data that needs protecting most. Then, if a hacker does manage to gain access, they won’t be able to cause large-scale disruption.

Be aware of mobile threat

As remote working becomes more popular, more and more employees are operating via a mobile device, such as a smartphone or tablet. However, this working arrangement can cause issues in terms of protecting data. At the very least, SMEs should have the ability to wipe mobile devices remotely in the event of theft or loss. It’s also worthwhile considering restricting staff access to important data and systems.

Introduce multi-factor authentication

These days, a single password seldom offers enough protection, particularly if it’s accidentally leaked. Introducing multi-factor authentication for email accounts, data systems, account settings or even social media feeds, provides extra defence against hackers.

Assess online security on a regular basis

The world of technology changes at a staggering rate – as do online threats. As such, it’s important not to view security measures as a one-time event. At a bare minimum, all security systems should be tested every few months, to ensure they’re capable of handling new threats.

Conclusion

Although some security measures may involve expenditure, remember that a cyber-attack is likely to cost your company far more. In short, it pays to protect your business online – and to stay on top of the latest online security developments.