Given the current political climate, the threat of cyber attacks on UK businesses is of paramount concern. Yet, this threat is not new and the steps that business owners should take to protect their business remains the same.
In this article, we look at straight forward cyber security measures and practices that will make for a robust defence to any targeted attacks on business networks.
What cyber security threats could my business face?
Business disruption is the primary focus of many recent cyber-attacks, such as denial-of-service attacks that can cripple access to company data and systems. But data wiping and theft through malware and ransomware attacks, are also prevalent. There is also the threat of multi-targeted attacks, which adopt two or more of these methods to disable networks and seize data assets. The good news for business owners is that there are a number of measures that IT departments and staff can take to increase cyber protection.
Practical cyber security measures you can put in place today
Turn on multi-factor authentication
Using multi-factor authentication (MFA) on all of your accounts – especially email, social media, and financial services – creates extra protection. With staff often using multiple and remote devices to access business networks, MFA is a simple and effective way to authenticate users across a network.
Make sure your hardware and software are updated
Outdated browsers and operating systems are an easy target for hackers. These systems and applications are continually being improved in their cyber defence through updates. So, make sure all systems and applications are updated alongside your antivirus and malware protection software. This needs to happen regularly on all devices across your organisation. Turning on automatic updates will make sure systems are kept protected as soon as updates become available.
Back up records outside your organisation
Sensitive and operational business records should be backed up outside of the organisations network. Ideally, this should be on-line but easily accessible for recovery if needed.
Structuring your data is vitally important. Having separate repositories for current and work in progress and separate repositories for older data or data that is infrequently accessed means that in the event of an attack or ransomware incident, the current data can be restored first and quickly, meaning work can quickly recommence whilst the older data is being restored later and over a longer period of time.
Business and home Wi-Fi: consider a virtual private network for better cyber security
A VPN provides an additional layer of protection between your devices and the internet by hiding your IP address and your location.
As many employees are working from home and without a VPN, a good standard of Wi-Fi security is vital. Home Wi-Fi should be password protected, with employees encouraged to make sure their router firmware is up-to-date. Old routers may not have the most robust Wi-Fi Protected Access (WAP) enabled. This can make for an easy route for hackers. In this instance the router will either need a firmware update or to be upgraded.
Use strong passwords
Make sure that everyone in the organisation is aware of best practice when it comes to passwords. Long, simple and memorable passphrases have been shown to be more robust than short, complex passwords.
Cyber security awareness training
There’s a high level of phishing scams taking place at the moment, some of which are very elaborate and convincing. So, keeping employees updated on cyber security awareness, digital best practice and current threats is a vital step in any business’s cyber protection.
Bringing together cyber security measures
Single measures on their own are unlikely to protect against a determined cyber attack. But bringing all of these methods into play will give you the best chance at protecting your business’s data assets and operational function.
As these threats become even more intricate and widespread, businesses may also want to consider additional managed IT services for customised and targeted business protection.
Concerned about cyber attacks? Talk to us
If you’re concerned about the on-going threat of cyber breaches in your business, we can help you decide on the best way forward. We’ll discuss how to protect your business and will look objectively at your organisation, systems and security needs and work with you to develop an effective security plan.
If you would like to speak to us about any aspect of this article, contact Andrew Wayman at andrew.wayman@sdt.co.uk or call our office on +44 (0)1344 870062.