66% of Cheshire businesses suffered a cyber attack in the past 2 years!
..yet many lacked confidence to report the attack to the police.
So what can we do?
Business vary hugely in size. Many are small one person businesses, in which case, the usual cybersafety tips apply.
However, as your business begins to either engage teams of people using a single system or network or you start to employ staff, then you need to think more deeply about your security arrangements.
Here are the Federation of Small Businesses (FSB)’s Top Tips for basic business cyber security
- Implement a combination of security protection solutions (anti-virus, anti-spam, firewall(s)).
Check out a reliable source like www.cnet.com before you download anything.9
- Carry out regular security updates on all software and devices
Check that all devices connecting to your network are running the latest operating system (iOS or Windows or Android) and that the device is set to automatically update that software.
- Implement a resilient password policy (minimum eight characters, change regularly)
Strong passwords are key. However, it is also important to have a small set of trusted people who know those passwords. As your business grows, you'll need to know who does and does not know that key passwords.
- Secure your wireless network
That is, make sure you need the password to access your router
- Implement clear and concise procedures for email, internet and mobile devices
Get help to set your clear procedures. Do you allow your staff to view *any* website during their lunch time? Hint - not a good idea as they might easily import malware. This is particularly likely if they view online porn or trade contact details for 'free stuff'.
- Train staff in good security practices and consider employee background checks.
Staff now need to understand the risk of surfing random websites and sharing either their own data or the companies data whilst online. You may also wish to know that your staff are trust worthy too.
- Implement and test backup plans, information disposal and disaster recovery procedures
The best defence against a ransom attack is to know that you have a very recent version of your system which you can upload and will allow you to carry on trading whilst you deal with a treat. It is best to test these systems regularly too.Carry out regular security risk assessments to identify important information and systems.
- Carry out regular security testing on the business website
You'll need a white hat tech team to regularly attempt to hack your website and systems - just so that you can plug any security gaps before they become visible to criminals.
- Check provider credentials and contracts when using cloud services
Carry out security and reputation checks on anyone who holds your data in the cloud. You need to know that not only are they trust worthy, but also, do they have the checks to ensure their staff and suppliers don't become a potential leak.