How To Protect Your Business From Cyber Attacks

15 Things You Can Do to Reduce Your Risk

In 2017, The Alternative Board surveyed hundreds of business owners about their cybersecurity experiences and fears, as well as their plans for keeping their companies safe. According to the results, over half of the business owners have experienced some form of cybercrime, yet less than half have measures in place to protect themselves against future attacks.

Small businesses are clearly targets for cyber threats for obvious reasons, but businesses everywhere should prepare themselves for the worst.

Even if a small business is the unlikely target of a cyber threat, they should prepare themselves. If a high-ticket attacker is not interested in targeting them, an ex-employee or a competitor may be. Small businesses should therefore get better prepared.

There are plenty of sophisticated – and very expensive – solutions that can be put in place to protect your business. These involve a combination of security experts and software that can be engaged to identify any vulnerabilities and get them corrected. Most small businesses cannot afford this level of solution.

15 Steps to Improve Information Security 

Here are 15 steps a small business owner should take to improve the security of their information. This includes protection against both cyber attacks and physical security breaches.

1. Be sure every computer in your business has anti-virus software installed. Confirm with your IT person that the software is configured to automatically load the latest virus definitions.
2. Do not allow employees to use their personal computers to access your IT systems.
3. Confirm with your IT person that you have a firewall sitting between your computers and the Internet.
4. Be sure your IT person has a regularly scheduled process for applying the latest security patches to all of your computers.
5. Ensure all of your computers are set up to lock themselves after 30 minutes of inactivity.
6. Be sure each of your employees has a unique username and password, your systems are set up to force a password change every 90 days, and your employees are not sharing passwords. Ensure your employees do NOT record their passwords on sticky notes sitting on their desk.
7. Do not print out any documents with secure data unless absolutely necessary. If documents need to be stored, make sure the hard copies are always physically secured. If you have to print out documents with secure data, utilise a shredding service to destroy sensitive documents after usage.
8. Confirm with your IT person your data is backed up (offsite), you’ve tested a restore from backup, and your servers are connected to an Uninterrupted Power Supply (UPS).
9. Create a written information security policy. Require existing and new employees to review and sign off.
10. If you provide a guest wireless network, keep this separate from the wireless network your employees use. Do not put your guests and employees on the same wireless network.
11. Ensure that your employees are very aware that they should never click on links from an unfamiliar email sender. If you think an email/link is legitimate, then go to the website in the link and open the link directly. Never open email attachments from unfamiliar senders.
12. Consider Restricted User Profiles for your employees’ workstations; this allows only your System Administrator to install new software and greatly reduces the risk of spyware and viruses.
13. Be sure all of your employees use strong passwords (e.g. inclusive of numbers, capitals, and non-alphanumeric characters).
14. Utilise security features of wireless routers. This is also very important for your home because hackers attempt to break into home PCs in order to have them work for them.
15. Sign up for the Australian Computer Emergency Readiness Team (CERT Australia) mailing list to receive the latest cybersecurity information directly to your inbox. Written for home and business users, alerts provide timely information about current security issues and vulnerabilities. Sign up to alerts here. 

You may just want to hand this to your IT employee/consultant to run down. Getting a thumbs up on each of these items should help you sleep a lot better at night.