Apr 14, 2019

Cyber Security: Keeping Your Small Business Safe Online

written by Abby Avery

Welcome to the second part of our keeping safe online series. This one will focus on how businesses can take back control of their data.

As the digital age has changed the way we work and live, it’s also changed the way business is done. With so many businesses becoming digital, it’s more important than ever to have effective cyber security in place. The internet has created huge opportunities for businesses but there is also major risks involved, especially the financial losses associated with cyber criminals.  This can seem more significant for small businesses who may have less defenses in place and often fall victim to these crimes. We are here to inform small businesses how they can protect themselves and their customers online.

Not only is the topic of cyber security important for financial reasons, it’s essential in ensuring that your reputation remains intact and your customers trust you. The use of the internet and digital platforms have become such an integrated part of our daily lives, it’s often easy to overlook interactions that may be putting our businesses and data at risk; whether that be using the same, obvious password for every online account, or entering personal details into a new website, or sharing sensitive information in emails.


In light of this, the rising advancements in technology and the increase in data scandal revelations, it’s becoming more and more important to take back control. Earlier this year, the BBC reported yet again on the issues of Facebook and its data privacy practices. The social network allegedly shared access to users’ data with other tech firms including Amazon, Apple and Netflix. It was suggested that some of the companies weren’t even aware they had special access. But this isn’t the first time that there’s been privacy issues within social media companies, and it’s unlikely to be the last. As more stories hit the headlines, consumers are losing confidence in brands and becoming more aware of how and where their data is being used online.

For information about how to manage your permissions and privacy settings on social media, read our previous article here.

This article will look to prove that cyber security doesn’t need to be a daunting challenge for small business owners. We’ve created a list of easy, cost effective steps to help you get started.


Backing up your data

Making regular backups will ensure that important information can be recovered if there is any data loss from theft, file corruption or even physical damage.

  • Identify what needs to be backed up- customer details, quotes, documents. Ensure backing up becomes part of the everyday business.
  • Ensure the device holding the backup is separate to the device with the original copy.
  • Consider backing up in the cloud- this is a virtual space area where your data is stored away from the office, but accessible from anywhere.
Keeping smart technology safe (Smart Phones, Tablets)

Technology, which staff use outside of the office need to be protected event more than desktop equipment.

  • Make sure there is pin protection, finger print recognition/face recognition.
  • Configure devices so when they’re lost or stolen they can be tracked and remotely locked.
  • Keep devices up to date, including all apps. Use the ‘automatically update’ setting.
  • Replace devices which are outdated and don’t support new updates.
  • Avoid connecting to open WI-FI and public hotspots, stick to using 3/4g.


Preventing Malware damage

Malware is malicious software and viruses that can damage your technology.

  • Use anti-virus software on all computers and laptops. Only install approved software on tablets and smartphones. Never download software from unknown sources.
  • Promptly apply all software updates provided.
  • Encourage staff to transfer files via email or cloud storage rather than via USB sticks and SD cards.
  • Switch on firewall to create a buffer zone between your network and the internet.


Avoiding phishing attacks

Phishing is a fraudulent attempt to obtain sensitive information such as credit card details, passwords and usernames by disguising as a trust worthy entity.

  • Check for obvious phishing, like poor grammar and spelling.
  • Check to see if the email address looks legitimate, or just mimicking an email you know.
  • Check for low quality logos/ trademarks.
  • Never provide card or login details over email.
  • Never click on a link embedded in an email unless you’re sure you know the source.


Using passwords to protect data

Passwords are a free and easy way to prevent unauthorised people from entering your devices.

  • Avoid predictable passwords such as family names or the business name. It’s often best to use a password generator website for the highest protection, and change occasionally.
  • Make sure all laptops, computers, mobiles require pin or password protection.
  • Use two factor authentication- especially important for online banking.
  • If you think someone else knows your password, let your IT team know asap.
  • Change manufacturer default passwords on devices before giving them to staff.
  • Keep track of every website and platform that your business has access to, and be sure to revoke permissions or change passwords every time an employee leaves the business.


By following these simple and cost effective tips to make improvements to your online security you will help to enhance your reputation, improve customer confidence and most importantly, ensure that you keep your small business safe and protected online.