Simple steps to protect your business online

- June 19, 2018 3 MIN READ

It’s essential that small and medium businesses learn how to effectively protect their business online.

It isn’t just large corporations being targeted by cyber criminals; approximately 60% of cyber attacks are now targeted at small and medium businesses[1] What’s more, of those that are impacted, almost 60% go out of business within six months.[2]

The good news is there are some simple steps you can take to keep your business safe.

Here are five ways to help safeguard your business:

  1. Protect your business data

Your business data encompasses your business strategy, inventory records, contact databases, marketing strategies, and much more. This kind of information is much harder to replace than physical assets, such as stock or merchandise. Business data may be lost or stolen due to human or system error (for example, a computer failing), or by criminals infiltrating your computer systems through phishing attacks or malicious software.

One of the most effective things you can do is to regularly back up your information. An external hard drive or secure cloud storage can be used for this purpose, meaning a copy of your data is available if anything goes wrong. It’s crucial to test your back ups, so you can be confident they’ll work if required.

  1. Keep software up to date on your devices

From time to time, vulnerabilities are found in software and applications. These weaknesses can be used by criminals to access the information on your devices.

By keeping the software on your devices up to date, your business’s devices receive the latest security fixes. In addition, all devices should have anti-virus software installed and up to date, to protect against malicious software.

You can turn on automatic updates for your Operating System and software, so the latest updates are downloaded and installed as soon as possible.

  1. Secure your accounts

Passwords are literally the key to everything we do online, which is why we must protect them. Make sure you use a different password for each online account, and ensure they are hard to guess (no birthdates, pets’ names or football teams). Ensure each employee in your organisation has their own account for your systems, and that passwords aren’t shared.

If you find it difficult to remember multiple passwords, consider using a Password Safe program. These tools can securely create and store passwords for your online accounts.

It is also recommended that you add an extra layer of security by turning on two-factor authentication for email and banking accounts. This means providing an additional piece of information, such as an SMS code sent to your phone or a security token, in addition to your password, when accessing your accounts. This can prevent unauthorised access even if someone knows your password.

  1. Be on the look-out for suspicious messages

Phishing messages are one of the main ways criminals attempt to gain access to individuals’ and business’s information. Phishing emails and text messages often pretend to be from legitimate companies such as banks, courier companies, or government departments, and can contain links to fake websites requesting personal and banking information.

If you’re unsure regarding the legitimacy of an email or text message, don’t click on links or attachments, or respond to requests for information. Instead, visit the organisation’s website by typing the address into your Internet browser, or call the organisation on a publicly-listed number to verify the request.

If you receive a request to transfer funds, or an invoice with new payment details, call the person or organisation to confirm the request before actioning.

  1. Raise awareness in your business

Your employees are the first line of defence when it comes to protecting your business.

By teaching them how to recognise suspicious messages, and where to report a suspected security incident, your employees can help keep your business safe. Share examples of suspicious messages received within your business, and discuss where any concerns should be escalated to.

Want to learn more about protecting your business online?  Visit nab.com.au/security for articles with practical advice for small to medium businesses, as well as a short training module.

[1] Symantec, 2015 Internet Security Threat Report, 6 (Apr. 2015) http://know.symantec.com/LP=1123
[2] U.S. Securities and Exchange Commission, The Need for Greater Focus on the
Cybersecurity Challenges Facing Small and Midsize Businesses (Oct. 19, 2015) https://www.sec.gov/news/statement/cybersecurity-challenges-for-small-midsize-businesses.html

Popular in the network