It’s not a secret that small businesses are often over-stretched – it’s the nature of running a small business. Very often a business owner is expected to be an accountant, HR executive, IT expert, as well as the boss. So, it’s also no surprise that external threats such as cyber security attacks can often be overlooked.
Nearly three quarters of SME businesses don’t have adequate security protection against the threat of cyber-attacks. Despite this, it’s known that many businesses are aware of the threats faced but don’t know where to start when making provisions against it. This leaves businesses vulnerable to attack, in some cases with valuable data and customer knowledge being stolen.
Not only is business knowledge at risk of attack, if computer systems are down for a period of time, as witnessed last year with the NHS attack, many businesses face total destruction and would need to shut down, some permanently.
Lots of businesses think they’re too small or unimportant to be targeted but from the experience of some small businesses that have been hacked, this has proven to not be true.
We’ve put together a couple of tips to help you begin safeguarding your business against threats.
1.Make sure you have at least a base level of protection, government advice is available for free and is vital for SMEs. Additionally, there are a multitude of SME cyber security guides online.
Since cyber threats have become more common, the government has placed a higher priority on informing businesses on the ways they can protect themselves through its Cyber Essentials initiative. The Small Business Guide can be found at https://www.ncsc.gov.uk/collection/small-business-guide
2. Watch out for ransomware and phishing, training should be provided to all staff on cybersecurity risks such as phishing (where someone tries to obtain secure information, access by sending fraudulent emails or enticing users to click on a link or open a document) and ransomware (where a victim’s data is encrypted and made inaccessible unless a payment is made). This can be a blind spot in the fight against cybercrime and should be a priority for businesses who want to remain safe.
3. Don’t rely on a single safeguard, if an SME believes one password or a firewall alone can act as protection, they may be caught out when a hacker comes in through one of the many potential windows to their business-critical data.
4. Get an SSL Certificate for your website, one of the most important cybersecurity tips for small businesses is to get an SSL certificate. This allows an SME to securely send and receive sensitive information, like credit card numbers and passwords, by encrypting it. Without this certificate, any computer between an SME and the server that is receiving the information can get access to sensitive information. For help getting started: http://www.howto-expert.com/how-to-get-https-setting-up-ssl-on-your-website/
5. Train your users, when it comes to cybersecurity most companies tend to buy off the shelf software (such as firewalls and antiviruses) or a convoluted solution to feel safe from outside threat. Underestimating the biggest threat of all: your employees.
Most of the successful attacks against companies are leveraged by the help of an oblivious employee. Training your employee to recognise outside threats and suspicious emails or activities is vital for the overall safety of your network.