All businesses, small or large, need to constantly work to improve their cyber security however for SMEs the danger of exposure is often greater as the budget for both IT and within that cyber security tends to be very limited. Many small businesses give little thought to cyber security leaving them open to a variety of attacks. If employers themselves aren’t educated and aware of cyber security issues, then employees are non the wiser; leaving the company exposed to both outsider and insider attacks.
Here are 5 simple tips to help you improve cyber security in your company.
It is imperative to raise and increase awareness regarding security threats with your staff. Include IT safety and security protocols in your risk assessments and employee contracts, run staff training sessions on cyber security and enforce simple safety requirements. Make cyber security an integral part of new employee inductions and constantly use secure practices thereby setting a culture of cyber security. Many companies have integrated a login message window on their networks that remind employees of their responsibility to practice proper cyber security behaviours.
Many companies base their security on a firewall and password protection, this is just outward protection. The reality is that the internet provides multiple access points to your data across various platforms. The protection you put in place must be multi-faceted and start from the perspective that an attack is guaranteed and not just a possibility. A micro-segmentation approach involves building hundreds of little walls around the specific data sets that you cannot afford to be compromised.
At the most basic level passwords are something which every employee can make much better use of. Passwords are such a simple security measure yet one that cause so many headaches in the cyber security world because they just aren’t used well. Set a standard regarding passwords, train your staff how to create secure passwords and ensure that they change them regularly. Introducing two-factor authentication is always a good idea, it provides another layer of protection against hackers and adds security to devices used outside the office.
A recent survey concluded that 58% of data in the UK is ‘dark data’. This means that the majority of companies have large amounts of data that they cannot quantify as to what it contains. Without properly understanding the data that your company holds it is impossible to know its value or protect it. Businesses need to understand the importance of different kinds of data and how it can be used and valued by thieves, this is the first step toward effectively protecting that data. Once you know your data the best security practice is to segregate data and apply different levels of security protection to it. Encrypting data and attaching multi-layer security directly to it will render it useless to hackers even if it’s taken.
Encourage vigilance amongst your employees and have clear systems in place for them to report security concerns. For example, add a one-click link to your email platform that allows users to forward suspicious emails directly to the IT team. Teach employees to update their malware and antivirus software. Encourage vigilance from employees and don’t neglect the very real threat of a malicious insider attack.
For more advice or assistance with your cyber security do contact the team at DigitalXRaid. We are here to help ensure your business is fully protected in 2017.