Being cyber secure is good for business. Not only does it protect you operationally, it also helps to build your reputation as a reliable company to buy from.
Here are some of our golden rules to help keep your organisation IT secure:
1. Communicate. Communicate. Communicate
Ensure everyone in your business knows that they have a personal responsibility for the company’s cybersecurity. Most breaches are caused by human error. Once you have established your procedures, make sure you share them with everyone in the team.
2. Stay updated
Make sure everyone is running all of the latest versions of any applications. The latest versions usually include security updates that help to protect the devices they are running on.
If you are one of our customers, you know how much importance we put on backups. They are essential. You might think ‘it’ will never happen to you. But let us tell you, ‘it’ could. We’ve seen it happen. There are a multitude of backup solutions on the marketplace. Research which one is right for you and your business. How much storage do you need? How long do you want to back things up for? How easy is it to retrieve? Where is the backup? Is it off-site? Is it in the cloud? Where is the cloud storage, and how secure is that? How does it work? How do I know if it is working (key point here – if you already have backups in place, or THINK you have, when was the last time you checked they were working?).
Please contact our IT experts here at SCS Technology Solutions if you would like some impartial advice regarding the backup solution we would recommend for your business.
4. Antivirus protection and security measures
Once again, you have many options here. In most cases, you get what you pay for, so do your research carefully. You will want to consider antivirus software, firewalls, and multifactor authentication to minimise the risk and protect your business.
How would you operate if you lost all of your data or if all of your systems went down? How much would that cost you? What damage would that do to your reputation?
Antivirus protection and security measures are essential in today’s hostile cyber-threat-ridden world. If you need some help navigating the various options, please give us a no-obligation call.
5. Authorise all software installations
Don’t allow your team to install any software that has not been authorised by yourself or the person responsible for IT in your organisation. There are a lot of rogue applications out there that could quickly introduce security vulnerabilities.
We know you know this. But ensure everyone has strong passwords. Far too few SMEs have password policies in place. Each application should have a different, complex password. Not the name of your pet for everything you log into. Passwords should be at least 13 characters and be a mixture of upper- and lower-case letters, symbols, and numbers, or the National Security Agency recommends three random words. Whatever you choose for your password policy, at the very least, ensure you change all default passwords (the ones set by manufacturers when you purchase a device).
7. Gone phishing
Phishing is a form of cyber-attack. Most often in the form of an email that contains a link that might look authentic but isn’t. It is, in fact, a virus. Train all staff to NEVER click on a link if it seems even slightly unusual or out of character for the sender. Always PICK UP THE PHONE to check authenticity. It is better to be safe than sorry.
8. Watch those mobile devices
Particularly with home-working now being so prevalent. Ensure your wider network of connected devices is as secure as the ones in the office.
9. Feel the fear but do it anyway
Your team needs to know the repercussions of not following procedures and/or accidentally clicking a phishing link and causing cyber damage. However, they must also know that if they even ‘think’ they may have done something that could have led to a security breach, they must feel able to report it immediately. Time is often of the essence in these cases.
SCS Technology Solutions can set up security measures for your business to stop attacks before they happen. We can also provide you with training on how to recognise an attack and how to report it.