Lawrence Jones, CEO of cloud and dedicated hosting firm UKFast and cyber security consultancy Secarma, suggests five key steps small business owners should take to stay safe in the evolving digital landscape.
1 Use a password manager
Remembering strong passwords for all the applications you use in your business and personal life is all but impossible, and many people end up either using weak passwords or reusing existing ones. Instead, use a password manager. There are many around, such as LastPass and KeePass. Be aware that some password managers have had security breaches, so be sure to keep yours up-to-date.
2 Check your backups
One of the most damaging attacks, and one of the most frequently deployed against small businesses, is ransomware. This malicious software encrypts your critical business files, locking you out and demanding payment for release. Imagine the damage that could do to a business.
Ransomware gets into Windows systems when users click on malicious links, downloads or attachments in spoofed emails. Users should never open email attachments from sources they don’t recognise. Malicious emails used to be less sophisticated, with basic-looking templates and spelling mistakes. Now they are branded with company logos and a forged email address. Attackers often tailor the email for their victim using information they know about their business. Personalised attacks, of course, have a higher success rate.
The frequency of this kind of attack has exploded in the last 12 months because criminals are getting results. Now’s the time to fight back. Ensure you keep regular backups in a separate location, so that if you’re held to ransom you can recover your critical files without having to pay the attackers.
3 Beware Internet of Things (IoT) devices
In many cases, IoT devices have been the weak link that has led to a security breach that puts your home network at risk. As with any software, you need to keep IoT devices up-to-date.
Think carefully before setting up a ‘port forward’ that allows you to log in to devices remotely. If you have a weak password or vulnerable device, hackers will be able to access it too, and if it’s connected to devices you use for work you’ll be leaving your business exposed.
4 Educate your team
It’s difficult to change human behaviour and break bad habits, so it’s important to get your team together in a group to discuss the risks and how to avoid them.
Show them examples of ransomware attacks and other phishing emails, and give them the stats about what falling for these scams costs individuals and businesses every year. Provide examples of how individual employees have caused irreparable damage to a business. It may seem far-fetched, but it’s important they are aware of the dangers. Ultimately, we’re all responsible.
5 Use an ad blocker
Many viruses are spread through malicious adverts. Using an ad blocker is a simple and quick win in helping you to reduce your exposure and keep your business safe.