Small and Medium Businesses (SMBs) are just as vulnerable as bigger organisations and its important we are proactive with our approach to security. SMB's usually lack a formal cyber security program and as a result have a lack of security policy and associated process to support security best practices. SMBs should be mindful of common gaps in cyber security that can cause severe damage to their business.
If you don't yet have a strategic partner to mature your cyber security, below are seven tips to help address some low hanging fruit and avoid possible threats. If you would like to talk about having a managed cyber security service, get in touch!
Remember that you should not ignore software updates because they can help boost its security that is beneficial for your business. Skipping the software update makes your computers or any other devices vulnerable to online threats. Hackers consider this as a weak spot, and they look for software that is not updated when they try to hack your files.
Phishing emails are designed to allow bad actors access to sensitive information. Oftentimes, the email is sent by what seems to be a reliable person or company. Before giving out any confidential information through email, verify the person or company first by doing a quick search online.
There have been a growing number of phishing victims in the past years. In the past, phishing emails were easily be recognized, but nowadays, these emails are starting to appear legitimate. Phishing emails cause unimaginable trouble like emptying bank accounts and opening social accounts, to name a few.
Ransomware is a malware that encrypts files. This could lock up your data, and hackers do this for financial gain. If you fall prey to this cyber security threat, the hacker will have access to all your essential files, and they will lock all your files until you pay a ransom. SMBs should have reliable data backups, ideally on a seperate system from where the data is hosted and antivirus software with ransomware detection to identify and stop ransomware viruses executing in the firstplace.
Keep your office Wi-Fi network updated at all times. It should be at the WPA2 standard to make it difficult for bad actors to infiltrate the system. Your Wi-Fi network should also have a long and secure password that will discourage hackers from attempting to access your system. Also be cognizant of available unprotected desk network ports, if they are spare and not in use get them disabled!
All SMBs should have a backup plan (a Business Continuity Plan) to ensure recovery in a catastrophic scenario. Invest in a secure backup solution making sure your data is in multiple locations and encrypted. Cloud storage could be a good contender here if used correctly.
The mobile devices that you use for your business should also be secured. At the minimum, ensure your staff are password-protecting and enabling disk encryption on their mobile devices. You should to create good policy and procedure to support secure mobile devices and this should be prudently followed by all your employees.
You must be aware that not all attacks are external in fact, most cyber security threats come from inside the company and usually by accident! To help avoid this, limit employees’ access to what is required for them to perform their duties. This can be a difficult balance to achieve but is a necessary task.
The tips given above will help you lowering the attack surface of your organisation. Establishing a good technology and cyber security strategy will help you reduce the risk of cyber threats and ensure business continuity.
If you would like us to assist with deploying security best practices, please get in touch with us: Book a Call