The global WannaCry/WannaCrypt ransomware attack has caused major havoc for businesses world-wide with roughly 150 countries hit and 200,000 cyber infections.
Whether you have a website, online accounts or any type of web-based infrastructure, you are at risk for a cyberattack. Normally everyone typically hears about cyberattacks against high-profile companies. However, small businesses make prime targets for cybercriminals, competitors and unhappy parties. Due to their lack of resources, small businesses have the least-protected website, accounts and network systems – making cyberattacks a fairly easy thing to do.
Every business that uses the internet is responsible for producing a culture of security that will promote and develop business and consumer confidence. Cybersecurity is a major concern when it comes to running a small business, particularly if there is an ecommerce aspect to the company. So what are the key aspects you need to be aware of when it comes to staying safe?
1. Securely store customer information
It is important to be aware that all businesses are legally required to securely store all customer information so there is no unauthorised access. It is also extremely bad practice to have one easily accessible Excel file full of all your customers’ information. Thankfully, there are many platforms that have bank grade security you can use to store your customers’ information.
2. Invest in security
Any small businesses will never be successful without the frequent return of customers. So it is incredibly important to protect them and their details. As a small business owner you should be focusing your energy on what you are good at and outsource what you can. It is all too common for business owners to try and build their own website, manage their own emails and attempt to add a payment solution to the garage built website. This can be costly long-term, detrimental and time consuming.
Many SaaS (Software as a service) companies offer monthly subscriptions with everything included. They manage the security, ensure all details are secure, implement the latest search engine marketing and search engine organisation optimisation practices and ensure sites are mobile friendly. It can be well worth the investment.
3. Keep details and passwords secure
Don’t have one simple password for everything. If you have a unique password for every website you use then if one of them is compromised you only have to change that password. Email addresses and passwords get leaked constantly and it’s up to you to keep your data and identity secure.
4. Beware of email phishing
You have to make sure emails you send to customers actually get through to them (and don’t end up in the junk folder). Spam email is an inevitable part of our business and personal lives. It is important to be aware that all it takes is for you to click on one dodgy link and you could encrypt your entire computer. Email phishing techniques are getting much more sophisticated.
Why do they target us? Because Australians have the highest pay rate to RansomWhere. If something like this happens to you, you don’t want to be forced to pay to have your business files unlocked. This is one of the benefits of sinking to the cloud rollbacks back ups.
5. Secure your Wi-Fi networks
If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.
6. Backup copies of important data
Try to regularly backup the data on all computers. Critical data includes word processing documents, spreadsheets, databases, financial files, human resources files and accounts receivable/payable files. Backup data automatically if possible, or at least weekly and store the copies either offsite and offline (somewhere safe and seperate to your computer and not connected to the internet).
7. Control physical access to your computers
Prevent access of business computers by unauthorised individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel.
8. Best practices on payment cards
Aim to work with banks to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have added security obligations according to agreements with your bank. Isolate payment systems from other less secure programs and don’t use the same computer to process payments.
9. Be aware of common scams
It’s important to know how to identify an illegitimate request for information such as your tax information (a common scam) so be aware of what you share. If you’re unsure about any request for information, or if you feel you may have shared sensitive information with the wrong person, contact the tax department on 1800 008 540.
- Has your small business had a cyber attack? Let us know by commenting below.
- Want more? Get our newsletter delivered straight to your inbox! Follow Kochie’s Business Builders on Facebook, Twitter, Instagram, and LinkedIn.
- WIN! a business lunch with David Koch & $60,000 worth of small biz support