Eleven cyber security tips for small businesses
By Hannah Kinston
As Australians continue to work from home, business leaders must take a long-term approach to their cyber security strategy. There are a number of cyber security tips for small businesses making the rounds that you should consider in order to protect both your data and employees. Here are 11 cyber security tips for small businesses:
Here are 11 cyber security tips for small businesses:
1.Implement a security policy from the get-go;
2.Ensure that all of the software you use is up to date;
3.Use password protection software;
4.Use double-factor authentication;
5.Ensure that only the relevant staff members have access to the software and platforms you use;
6.Ensure that you and your employees don’t use autofill;
7.Limit file uploads;
8.Use an SSL certificate;
9.Implement a spam filter;
10.Beware of social engineering; and
11.Hire a security specialist.
Cyber security tips for your small business Implement a security policy from the get-go
Organise security training with all your employees so they know to avoid sharing passwords via email or instant messaging, saving passwords to their devices and using their own personal devices while working.
Implement a security policy and distribute a one-pager to all employees.
Ensure that all of the software you use is up to date
If your software is outdated, hackers may have the increased ability to find loopholes through security measurements placed within your software. Taking proactive steps to update your software also ensures that potential spam emails telling you to update can be reported and dealt with. Updated software comes with hotfixes for loopholes found in earlier versions of the same software.
Use password protection software
Ideally, employees should not know the passwords to different platforms unless there is a specific reason. Use tools such as LastPass to share access to the programs you use and ensure that passwords are not being shared casually among the team.
Use double-factor authentication
While working remotely, it may be difficult to track who is using what and why. Use double-factor authentication to minimise the risk associated with multiple employees using the different platforms and software that you use. This can take on the form of multiple passwords or needing to confirm identity through another device to gain access. Ensure that only the relevant staff members have access to the software and platforms you use
The less access the better.
Take social media for instance. There is no reason why all employees should have access to your social channels unless they are actively posting. If you are using a password-sharing platform, you can always give and take away access. But make sure that you know who has access to the different programs you use.
Ensure that you and your employees don’t use autofill
Increase your level of security by disabling autofill passwords.
Disabling autofill means browsers no longer save passwords, whether they are used with a password sharing platform or not.
This makes it more difficult for hackers to gain login details.
Limit file uploads
A large volume of file uploads in a short period of time can cause leaks in your online security system via a bug. This can make it easier for hackers to gain access to your files and read the data on your website.
Limit file uploads by opting for small short, bursts of data as opposed to one large file upload.
Use an SSL certificate
An SSL Certificate is incredibly important because it offers end-to-end encryption on the information that you are putting online. By default, your data is transferred via plain text between your browser and server, making this information easy to read by hackers.
Ensure that you have an SSL certificate to make your data more secure.
Implement a spam filter
Limit and slow down the content that is being delivered to both your website and email by implementing a spam filter. This will filter malicious content that could otherwise spread viruses and help hackers to mount a cyber attack.
Beware of social engineering
If a hacker is unsuccessful in gaining access to your data, they may use other means to gain information. Social engineering generally involves tricking people into breaking standard security practices. With companies increasingly using social media, hackers may analyse your messaging and use it to gather information they can leverage to conduct a cyber attack. Ensure that the information you are sharing doesn’t relate to any passwords, and ensure that you regularly change your passwords, especially on your social channels.
Hire a security specialist
If your budget allows for it, you should hire a security specialist to oversee implementing your security campaign and monitor it thereafter. The increase in cyber crime in Australia and further afield means that having a game plan is essential to ensure your data stays safe.