Cyber attacks cost organisations thousands of pounds and can cause huge disruption. Do you have a plan for what you’d if your customer database was stolen, your website was forced offline, or you couldn’t access your email or business-critical data?
Cyber criminals don’t just attack banks and large companies - they target any organisation which isn’t properly protected, even small businesses.
Here are some basic rules to safeguard your business:
- run regular online safety and information security awareness sessions for all employees.
- encourage staff to question and challenge things that seem irregular
- make sure physical access to computers and servers is strictly controlled
- introduce and reinforce rules about mobile devices, including keeping them safe, use of public internet and secured home access, and the use of employees’ own smartphones and tablets in the business
- perform regular backups to a reputable service, preferably one that is in the cloud and easily accessible
- enforce strict access to company, employee and customer data
- make sure you and all staff can spot the signs of a social engineering scam and know how to avoid the company being defrauded in this way
- have a software policy firmly in place including usage, updates, licences and what to do with redundant programs and apps
- when disposing of redundant computers, servers and mobile devices, ensure all data is thoroughly erased (not just deleted) to ensure it doesn’t fall into the wrong hands
For more information and guidance on how to protect your business visit:
Another useful help document, that the NCSC has published is the Small Business Action Guide which provides actions in accordance with the guidance contained in the Small Business Guide.