Intro – Cyber security
It is very easy to think that just because you’re a small business that cybercriminals will ignore you. The mentality of “there is not much to take” is very common amongst small business owners, but it is also a very dangerous one to have, especially for your cyber security.
So much so, that the U.S. Congressional Small Business Committee found that 71% of cyber-attacks were aimed at small businesses with less than 100 employees. Even worse than that is “the 2016 state of SMB CyberSecurity Report by Ponemon and Keeper” which showed that over half of SMBs have had a security breach in the last 12 months.
So you must be wondering, what can I do? How can I stop these cybercriminals? Well, here are some simple cyber security ‘best practices’ for any type of business to start implementing today.
Use a firewall.
This might be the most obvious practices to take, however, as seen in the stats mentioned above, a lot of business are still not implementing THIS first line of defence.
The FCC ( Federal Communications Commission) suggests that all SMBs set up a Firewall. There are many types of firewall that you can choose for your business. However, they are mainly split into two major categories: external firewall and internal firewall.
Here is a link with more information on what best Firewalls to purchase for your Businesses in 2019/20.
Document your cybersecurity policies
What is a cyber security policy:
A cyber security policy outlines your businesses’s:
- Assests that you need to protect
- Threats to those assets
- Rules and controls for protecting them, and your business.
It is important to create a cyber security policy, especially if you have employees and/or multiple offices. It will act as a guide for them and help them understand their role in protecting the technology and information assets of your business.
Click on this link to see a great step-by-step guide on how to create your own cybersecurity policy.
Plan for mobile devices (BYOD)
With 50% of businesses currently allowing BYOD (Bring your own device), it is vital that your business’s cybersecurity policy is in place, especially for exiting employees.
Here are some vital points that you should consider if your business operates under this model:
- Focus on all mobile (Smart watches included)
- Have a process for exiting employees
- Require immediate notification for lost and stolen devices
- Require mobile device management on all devices
- Set password guidelines
- Use network access control (NAC) software
- Implement two-factor authentication for mobile network access
- Use endpoint protection
For more in-depth information on planning for mobile devices click here.
Educate all employees
In small to medium sized businesses it is fairly common that the employees have multiple roles and therefore might not be trained in all areas of the company (including its cybersecurity policy). Therefore it is important that everyone be trained on what best practices to use – across the entire business.
Here are the areas that Assuredata can train your employees in:
1. Cyber Security
We can offer a number of cyber security training courses, from end user awareness training to in depth best practise training. We have standard 1 morning and 1 day classes, but can fully bespoke them to your requirements.
2. Data Protection
We can offer a number of data protection training courses, from end user awareness training to in depth best practise training. We have standard 1 morning and 1 day classes, but can fully bespoke them to your requirements.
3. Senior Staff Security
Directors and C level staff within organisations are being specifically targeted on a more regular basis. We can help them to recognise the risks and stay secure.
4. Security On The Move
If your staff have to travel, then there are particular dangers they may face whilst on the move. This course gives them some great tips on how to stay safe both physically and online.
5. Social Engineering
The human factor is always the weakest link within organisations and social engineers take advantage of this fact. Our half day social engineering course gives your organisation a great insight into how to recognise the methods they use.
For more information about our training, pricing and logistics please get in touch with us.
Enforce safe password practices
Of course employees find changing passwords difficult and frustrating. However, the Verizon 2016 Data Breach Investigations Report found that 63 percent of data breaches happened due to lost, stolen or weak passwords. Also, according to the Keeper Security and Ponemon Institute Report, 65 percent of SMBs with password policies do not enforce it. So, the solution here is to ensure that all employees change their passwords regularly, to ensure that they are strong passwords and that the password policies are enforced.
For more in-depth information on safe password practices click here.
Get In Touch
For more information regarding our training and how we can help your business.