What Does Your Business Need To Be Secure?
Written by Chris Thornton, 20 January 2016
Every business needs a cyber-security policy but understanding the role and function your defences is key to a successful strategy...
Given the range of cyber-threats small businesses face, knowing how to defend ourselves properly can be daunting. The idea that cyber-security is unnecessary or unaffordable for SMEs is far from the truth: with hackers and other malicious entities increasingly targeting small business, now is the time to ensure your defences are built on solid foundations.
Many small business owners and managers fail to think carefully enough about the security needs of their organisation - and end up building a plan that leaves vulnerabilities. A firewall is no use if you don't keep your software updated, similarly, installing antivirus software is unhelpful if your employees don't understand how to recognise malware threats...
So, what are the foundations of your cyber-security plan - and what function do they serve?
Threat: Viruses are a prolific security threat to SMEs and will attack your network from any number of sources. From phishing scams to suspect websites, your network needs to be ready to intercept threats before they can wreak havoc.
- Securing your system against viruses means working with software and employees
- Install antivirus software on every device and keep it updated
- Restrict access to websites which may harbour viruses
- Ensure employees are trained to identify and avoid virus threats
Firewalls, Encryption & Physical Protection
Threat: Unsecured networks may be penetrated by hackers anywhere in the world - and infected with an array of viruses and malicious software. Weak passwords and login protocols invite the attentions of hackers, but thieves can also gain access physically through a stolen device.
- Firewalls are essential virtual 'gateways' for your network, acting as filters for malicious content targeting your network
- Encrypting data blocks it from exposure should your system be compromised
- Ensure employees use complex account passwords - and change them regularly
- Keep careful track of all personal devices to reduce the risk of theft
Virtual Private Network (VPN)
Threat: Your on-premises network may be sufficiently protected, but if your employees want to connect remotely through unsecured networks (like cafes or clients' offices), their devices may present a vulnerability hackers can exploit.
- Setting up a virtual private network offers employees a way to connect remotely to your on-site network and access files, applications or resources safely and securely
- A VPN also encrypts information - keeping communications and data secure from prying eyes
Threat: Small businesses facing a wide range of cyber-threats may struggle to address each one - and risk missing vulnerabilities in their security strategy.
- Moving data and computing processes to the cloud is a way to outsource cyber-security
- Cloud platforms have their own up-to-date cyber-security in place
- Cloud services are scalable, meaning further protection can be added as and when your organisation needs it
Threat: Many cyber-attacks result in stolen or destroyed data - if that data contains sensitive customer information, the consequences can be devastating for small businesses.
- Effective backup strategies help businesses protect and recover lost data
- Back-ups can be hosted on-site, in networked storage servers, or online with a cloud service provider
- For maximum protection, you could tailor your company's backup strategy to incorporate a hybrid mix of on and off-site back-up
Cyber-security strategy is about much more than software and hardware. While you can bolster cyber-security with a range of measures, the most valuable defensive tools you have are your employees, who are best placed to react to an evolving landscape of threats.
By encouraging a culture of safety and security, your strategy will become part of your everyday work processes. Take care of the basics: securing files, changing passwords, updating software and keeping track of devices to prevent theft... as a business owner, how you protect your network is just as important as what you are protecting.
So You Think You've Been Infected?
When an infection occurs, the damage can be varied, from performance issues to theft of personal information or data loss. In the most severe cases, how your organisation reacts could make all the difference to your recovery...
Understanding The Different Types Of Cyber-Attack
To protect your small business from cyber-attacks, understanding the types of threat you face should be an important part of your strategy.