All through September, we will be sharing the free tips and tricks, that you can implement straight away to ensure your organisation protects itself from cybersecurity threats.
Currently in the UK, 32% of SMEs experience cyber-attacks every year, a figure that is increasing, with costs running into the thousands of pounds. With a few preventive measures, it is actually possible for you to fight these threats. By implementing various techniques, strategies, using free tools and being aware of the main ways your business might be targeted, you can take protect your business today.
Come back throughout September as we add more tips. It’s time to become CyberSmart.
1. Use Two Factor Authentication (2FA)
Adding an extra layer of security to your accounts can never be a bad idea. With a lot of platforms these days, 2FA is available, where you either: receive an SMS (least safe), Email (medium level safety) or authenticate via an app (recommended). There are free and premium solutions available, such as 1Password, allowing you to enable higher levels of security and 2FA across all your personal and business accounts.
2. Time to have an app clear out
Do you know all those apps you have installed but you never use, they should go. If you have apps that have been installed for months, not been updated, they could be full of vulnerabilities, waiting for a cybercriminal to exploit. When you delete these apps make sure to delete your account and unlink any credentials.
3. Are your email details available on the internet already?
This can be a scary thought but more than likely, your email has been compromised before. With the introduction of GDPR, more and more companies are openly admitting cyber breaches. We recommend using haveibeenpwned.com to check if your email has been compromised in a data breach before. Simply enter your email, check for breaches and address the situation.
4. Are you really going to plug that USB in?
You should be extremely careful with USB devices. Even after formatting, malware can still be present so ensure you completely trust the source of the device or go one better, do away with using USB full stop.
5. Update, Update, Update
Updating your apps and software can prevent 85% of targeted attacks. Make your business safer by allowing all updates to be automated, you don’t even need to think about it.
Make sure your operating system (on all your devices) and all applications are updated, at all times, updates are free after all.
6. Always lock your devices
It’s often funny when you walk away from your computer to come back and find a funny background picture, right? During the time you allowed for that to happen your business could have experienced a catastrophic and business impacting data breach (and many other potential risks).
Always lock your screens, and make them only accessible by you.
7. Might be 2019, but that doesn’t mean Antivirus is out of fashion
Antivirus is a necessity for all your devices, desktop and mobile. Without an antivirus, you are putting your business at risk of those pesky viruses but also of Malware, lurking in the background, dormant or actively damaging your device. There are many antivirus options out there, some may even come pre-installed with your device, others with free and premium versions. There’s no excuse not to be using an antivirus.
8. Turn on your firewall
Most operating systems come with a firewall and there’s a very good reason for this. Ensure all your business devices have this on, as it’ll create a buffer zone between your network and the internet, a highly valuable preventive measure for cyber attacks.
9. Ransomware, sounds scary but what is it?
Ransomware is one of the biggest cyber threats your business faces as it encrypts ALL YOUR DATA and locks you out of your device. Then normally it requests a ransom payment of a few hundreds of pounds in order to give you a decryption key.
How do you protect yourself?
- Backup all your data (often and in different locations)
- Vital business information shouldn’t be only on your computer
- Don’t click on emails from unknown senders (and NEVER access .zip files in emails from these senders)
- Like we mentioned earlier, UPDATE your OS and apps
- Have an antivirus installed
10. Do you know how to spot a phishing email?
Firstly, a phishing email’s intention is an attempt to collect your personal data, and more than likely you have come across it one (or many) before.
- Serious businesses will never display your email address in the subject line
- Check out the sender and their email, try to spot how valid it is
- You don’t have to open an email just because it instils some sort of urgency (the more urgent it may look, the higher the likelihood of a breach)
- Always check links before you click.
11. Check back tomorrow
Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.