10 steps to keeping your business safe online
Online security is becoming increasingly important for both start-ups and established businesses. The NCSC reported that if you’re a SME there’s around a 1 in 2 chance that you’ll be subject to a cyber breach. Not only is your business then at risk but these breaches could result in costs as high as £1,400.
With more threats appearing, your business needs to stay secure. But, it can be difficult to know where to start.
Here’s 10 steps to help keep your business safe online:
1. Managing risk
Create a list of your assets and consider the potential risks to your business. Examples of typical assets that need to be considered for security include laptops, smartphones, and data. You might want to number these in order of importance.
Make sure that you use secure passwords for any important information and accounts and try to make sure that these are fairly complex to avoid a breach. It is recommended to create a long password using a passphrase that you can easily remember or store your complex passwords in a password manager.
3. Preventing viruses
You can get a computer virus from opening suspicious attachments, using unchecked portable devices such as USBs, clicking links from suspicious emails or downloading files from untrusted sources. So be sure to use an anti-virus software and activate a firewall.
4. Security settings
As well as ensuring all your software is up to date, you could consider noting down the serial asset numbers for your computer and backing up your data regularly. Additionally, you should keep your web browser up to date and activate a pop-up blocker.
5. Browsing and sharing safely
If you’re out and about as a business owner regularly, it could be beneficial to encrypt all your personal and confidential information so that you can freely use public Wi-Fi and still browse and share files safely.
6. Securing your own equipment
If you’re using personal devices for business activities, make sure they’re protected and encrypted. Add passwords to all your mobile devices and use antivirus software if possible. When an employee leaves, make sure you change passwords and permissions.
If you use USB devices, be sure to encrypt the data on them to ensure confidentiality because they’re susceptible to viruses. If they’re not fundamental to your business, simply don’t use them.
All of your staff should have proper training to make them aware of your security policies. They should know all of the potential cyber threats, main risk areas, and consequences if your security is breached.
Regularly check the reports that your security software offers to detect any suspicious activity. You can also check the logs for operating systems and email accounts.
10. Managing security incidents
It’s important to have a process to manage security incidents should they occur. Run regular backups to your data so that you have a copy should you lose your data to malware such as ransomware.