Given that we've rolled over into a new financial year it would be a timely decision to reflect on the last...
Have you heard of Petya? WannaCry? What about GoldenEye? These are just some of the global threats known as Malware or Ransomware attacks that are gaining widespread attention. Attacks like these have been around for the last couple of decades, but the world has experienced a few major incidents in just this year alone making it a worrisome issue. No matter the size of your business you are a potential target.
As if it's not challenging enough to run your own business, you also have to contend with these attacks. Have you thought about how they could affect your business? Would they affect only you or do you have clients, customers or shareholders that would also bear the brunt? If you haven't really thought about these scenarios or questions you might want to. It is estimated that there has been over 114,000 suspected cyber crimes reported in Australia since 2014. Despite these findings, many business owners think that it won't happen to them. Having a general awareness is a start, but there are a few things you can do to tighten up your business's cyber security.
Ensure you have security software
It is good practice to ensure your computer has up-to-date anti-virus software installed. It does not matter if you believe you are being careful online by only visiting reputable sites, it's better to be safe than sorry. Anti-virus software is specifically designed to detect and remove threats, so it makes sense to have it as part of your cyber security strategy.
Hardware and Software
You should make sure you are regularly backing up your data in case something happens to your computer. It is also important that you regularly update software. Whenever you can, enable auto-updates and also remember to check if your routers and wireless need updates too. Having auto-updates setup will consistently patch security holes to minimise vulnerabilities. Furthermore, ensure you are not using old software products that are no longer supported.
Use cloud-based email
Apart from cloud-based email being more cost-effective than server hosted email, it is also safer in the case of disaster, damage, hackers, and phishing. For those very reasons, having a cloud-based email infrastructure is the way to go.
Ensure your passwords are secure and strong
Make sure your passwords are secure and strong. Using passphrases is a good idea as they are longer, can be more complex, and easier to remember. Another extra layer of security you can use is two-factor authentication. This requires not only your username and password but something else that only you could have access to. This can be in the form of a hardware token like banks issue out or an SMS code sent to your phone. Furthermore, utilising password managers is great as you don't have to remember all your passwords, and the manager can generate strong passwords on your behalf.
Employees trained on the basics
To avoid becoming a victim of cyber crime, you need to ensure that all your employees are well trained on the basics of cyber security. Making sure they are using safe online practices and being aware of the ways cyber crime happens is the best defence. Some things to think about implementing if you haven't already are:
- Limit access to and the number of administrative accounts
- No shared accounts, each employee has their own access
- Ensure no employee undertakes day-to-day activities using administrative accounts
- Limit access where possible in systems, so they can do the things they need to do specifically for their job role and nothing else
Training employees so they can understand the signs and detect phishing emails or malware infections and report them is of high importance.
Implementing the above practices will inevitably tighten up the cyber security of your business. However, one of the serious issues with cyber security at the moment is that defenders are constantly being outsmarted by attackers. You can never be entirely safe from cyber crime. Therefore, another recommendation that we strongly suggest is that you consider Cyber Insurance for your business. Remember - it is not a substitute for good cyber security practices, but it can lessen the impact that a breach may have. There are various policies out there, so talk to an insurance broker about your needs.
Have a chat to Aaron Macdonald from Business Insurance Cover Services. He can assist you with finding the right cyber insurance solution for your business.
There's a better way to do business.