6 Cyber Security Tips Every Small Business Needs to Know
Cyber security is essential for any business but for smaller businesses in particular cybercrime can decimate your company. Customers are quick to lose faith and trust in companies that cannot offer security for their personal data and financial details and even one cyber penetration could lead to the collapse of a small business. 71% of cyber-attacks occur at companies with 100 employees or less. Smaller companies are targeted more often by hackers as their security tends to be weaker and they can serve as easy entry points to larger companies.
Here are six cyber security tips that you should put in place in order to protect your business and reduce the threat of cybercrime.
1. Control Admin Access
The first step toward improving your cybersecurity is to limit the number of people with admin access. Unfettered admin access across employees who don’t need it is one of the biggest threats to business security. Our advice is to invest time into setting up proper administrative security, logins and passwords and to enforce time window and geo-fencing measures to limit access to secure information, particularly from personal devices and when not on company premises.
2. Password Strategy
Most small business allow employees to regulate their own passwords and don’t provide them with any education on this process. Weak passwords leave your systems vulnerable to brute force attacks. Employing a password strategy is a simple and effective way to greatly enhance your companies cyber security. You should ensure employees choose passwords with uppercase and lowercase letters as well as symbols and numbers. They should regularly change their passwords too. For admin access you need to use even more complicated passwords. There should be consequences that are adhered to if employees don’t follow the password strategy – cyber security must be taken seriously.
3. Secure Backup
You should have a secure offsite backup of your data. In the case of your data being held to ransom you can retain access by ensuring you have a workable back up plan i.e. that data is stored elsewhere in an accessible format such as on the cloud.
4. Monitor Employees
One of the greatest threats to cyber security is that of the malicious insider. Over 50% of attacks actually come from within the company. To prevent such attacks, you need to closely monitor your employees, particularly those with admin access to secure data. You can’t be seen to be overly invasive of your employee’s privacy but you can add limits to data access on personal devices and increase security by building up layers of admin access meaning employees only access the data they need to do their job.
5. Secure Communications
Many companies use email as their main way of communicating and employees may transfer secure information and data via email which can so easily be compromised. The most secure way to transmit information is actually via fax! If employees have phones which they use for business and personal use, there needs to be a clear policy on the data that can be accessed and stored on those devices and clear guidelines as to when the device could be wiped clean if that proved necessary.
6. Cyber Insurance
Cyber insurance is a good option for small businesses and is becoming increasingly popular option for those looking to protect credit card information, customer names and addresses, and other sensitive data. You will most likely find that your general liability insurance doesn’t cover cybersecurity breaches, in which case you could look to take out an additional cyber insurance policy.
Cyber Essentials through IASME comes with £25000 worth of cyber security insurance upon on completion. This also addresses most of the above steps and ensures your business conforms to government endorsed standards.
To find out more about our Penetration testing click here. If you would like to speak to a member of our team about your cyber security then we would be more than happy to help, just get in touch.