Cyber security has never been more important. The high-profile cases that have appeared in the media for the last few years such as WannaCry, the Uber hack, and the British Airways hack in September have placed cyber security firmly on the agenda. According to a report published by the Department for Culture, Media and Sport, 43% of businesses experienced a cyber security breach or attack in 2017. Here are a few pointers to show you how you can improve the cyber security of your business online.
Have you addressed your Antivirus?
Keeping the bad guys out is never easy. Antivirus and firewalls act as a layer of protection to keep your business safe online and should be on every computer that is connected to the internet by default. Security suites don’t have to cost a huge amount, and there are even free packages available, such as Avira, Avast and AVG, although their full functionality is often behind a paywall.
Antivirus suites often come with a variety of other useful tools including a firewall, which will help protect you from unauthorised access to your computer.
Have you addressed your Insider threat?
One of the largest threats to your businesses security online are the employees working within the business, or any contractors undertaking work for the business. Clearswift, a cyber security firm, estimates that 42% of IT security incidents originated from employees, and 74% from extended enterprise. Insider threat is a considerable risk to the security of your company, but did you know that it is mostly accidental? It’s estimated that 75% of businesses have received fraudulent emails or have been redirected to fraudulent sites that lead to a breach. These are easily clicked on by an employee, or someone from an associated agency which can be a real threat to your business.
There are tools which can be put into place that can help you protect yourself from insider threat as a result of online activity. Firstly, many antivirus suites offer email screening services and web browser add ons or extensions across all major browsers that aim to protect you and your employees from fraudulent websites and emails. Secondly, you can manually set up sweeping if you receive repeated fraudulent emails from the same domain. Most mail clients provide this service, and it is an easy task to complete, and allows you to move all emails from a particular sender or domain into the junk folder. Finally, you can provide some basic training for employees so they are aware of the risk that clicking on a fraudulent link or email could have to the business.
Have you addressed your software updates?
It can seem time consuming to install every update for your computer as they arrive but doing so across all programmes can help to keep you safe online. Developers very often release patches and updates for their software not only when they want to introduce a new feature, but also when a bug is detected, which can pose a security risk for those using the software. Vulnerabilities are not restricted to downloaded software though. The hack of high-profile Twitter users accounts at the end of 2018 highlighted a vulnerability in the coding Twitter used which, when exploited, allowed access to various accounts across the site.
The key to protecting yourself in this instance is to keep everything up to date so that changes made by developers to help protect your systems are installed as quickly as possible.
Have you addressed your passwords?
Following the discovery of 1.4 billion usernames and corresponding passwords in a file from the darkweb, Security firm 4iQ was able to conclude that 39.30% of passwords used were considered “very weak” with over 9 million using the password ‘123456’. Weak passwords present a serious security risk to an individual or businesses online security. But it’s not only passwords like ‘qwerty’ that we have to worry about. Repetition of passwords across multiple services and computers can put a business’s wider cyber security at risk. If a data breach occurs at a company which you have used a password on, then it’s reasonable to assume that a hacker may have acquired your password and username for that site. If you use that password across many sites, then those sites are now equally at risk.
The best way to combat issues with passwords is to use a strong password. Strong passwords incorporate a mix of capital letters, lowercase letters, numbers and symbols in an unpredictable order. The second way is to not use the same password over two different sites to ensure that if one site is hacked, your other accounts are not at risk.
Keeping secure is never easy in the ever-evolving online world, but the steps here can help you stay more secure online and help keep your business secure in the future.