Cyber security seems to be a growing concern for small businesses during Covid-19. While the pandemic presented small businesses an opportunity to work remotely, it also posed a higher risk of cyber-attacks. Businesses had to adapt the way they worked to cater to home working and that was being done in a rush, which inadvertently resulted in loosening of some security rules. Cyber risks are dangerous and can harm companies, however with the right processes and precautions the risk can be managed effectively. If you are a small business looking for some effective measures, we have made a small list on tips for tackling cyber-security issues.
- Review the current security position and policies. It is good to know about the controls regarding remote access to client systems and data.
- Have you outsourced IT? Great! But that should not mean that IT functions or security risks will not be your issue anymore. Regularly monitor and take updates on your IT controls and systems.
- Make sure that basic security measures are in place. Install fireworks, anti-virus and anti-malware software and keep them updated at all times. Ensure any other software being used has its own security patch in place.
- Encrypting data could be a good precaution. Implement controls over data and manage who can access it and what can they do with it. Have security in place to prevent them from transferring data onto removable devices, external cloud platforms and/or moving it through private emails.
- If the employees must store business data on personal devices, there should be a wipe software in place for data to be deleted in the event of device being stolen or lost.
- Work towards getting a certification through Government Cyber Essentials Scheme.
- Training employees about data and cyber security is one of the basics of strengthening your company’s security. It can also be useful to test the employees’ knowledge through phishing simulation exercises. Training and exercises can be found at solutions like Terranova Security and Sophos.
- The NSCS’S Exercise in a Box tool is another important platform for cyber-security. It lets organisation test their resilience against cyber-attacks and threats. Businesses should regularly test security policies and systems. Additionally, crisis management and business continuity plans should be regularly revised.
Each measure counts towards strengthening of a business’ security and helps them from falling victim to cyber-attacks.