Keep Your Data Safe: Top Tips to Protect Small Businesses

2020 has been a pretty chaotic year for small businesses, with thousands of them having to make fundamental changes to their business models in order to ride out a global pandemic. Unfortunately, this kind of disruption can often open the door to hackers and cyber criminals, who see it as the perfect opportunity to exploit security flaws in a business.

Most often, holes in digital security are caused by basic errors, like easy to guess passwords, out of date software, or remote workers using unsecure networks. In nearly all cases, small businesses need only implement a few small changes to ensure they are far better protected from cyber attacks and present a much less appealing target for opportunistic hackers.

Can you guess what the most common password was in 2019? ‘123456’[1]. Also in the top five were ‘qwerty’ and ‘password’. Easy to guess passwords are an open invitation for hackers and cyber criminals, allowing them straightforward access to sensitive business data in seconds.

It’s been said thousands of times, but a strong, unique password is one of the most effective deterrents when it comes to opportunistic attacks and it’s worth making sure everyone in your business is using them. What’s more, you should always take advantage of two factor authentication where possible, creating another layer of security for important accounts. There’s no excuse for forgetting passwords either, as both Google and Apple have password management tools, that can securely store multiple passwords for the next time you need to log in. Even if you do nothing else from this article, make sure you update your passwords!

Another simple, but often overlooked security measure is keeping your software and hardware up to date. Updates for Windows, for your browser or your phone’s operating system can often feel like an inconvenience, but they often contain important security updates, designed to protect you from the latest cyber threats.

Because of the pace at which software is developed and made available to the public, security exploits can often go unnoticed, which means the developers then need to release patches designed to fill these gaps. Making sure that your business is only using the latest software versions from the developer means you’re far less likely to fall victim to an attack that exploits an existing vulnerability. It’s a good idea to make checking for updates a weekly habit, especially on software and devices that are critical to your business.

One of the biggest changes in 2020 has been to the way in which people work. As a result of the Covid-19 pandemic, thousands more of us are working from home, often on personal laptops and phones, connected to unsecured networks. This can present a number of security concerns for small businesses, particularly when it comes to working with sensitive data at home.

The reality is that enterprise grade firewalls and in person IT support simply aren’t feasible for the average home office set up, which makes those working from home far more vulnerable to cyber-attacks. However, there are still plenty of simple, low cost options to boost your network security whilst working from home. It can be as simple as changing the name and password on your router, to enabling WPA2 (wireless protected access), which adds a layer of encryption to data sent and received on your home wireless network. For those who work with really sensitive data, it might even be worth investing in a VPN, to ensure anything you access from home is managed via a secure, private network. Even better, most VPNs only cost a few pounds per month, putting them within the reach of even the smallest cyber security budgets.

One of the best ways to avoid becoming a victim of a cyber-crime is to have a working understanding of the most common threats and exploits used against businesses. There are lots of free resources and papers available online that give excellent, up to date security advice, not to mention insight into the most prevalent cyber threats.

The government’s Cyber Security Breaches Survey is an excellent place to start for those wanting to learn a little more about the current state of cyber security in the UK in 2020. For example, 86%  of businesses affected by cyber-crime found it came in the form of fraudulent emails, or being directed to fraudulent websites - commonly known as phishing. Armed with this information, businesses can make action plans to guard against this type of attack, increase awareness amongst colleagues, even invest in extra security for their email accounts. As with most challenges small businesses face, simply being prepared can be more than half the battle!

The unfortunate reality of cyber-attacks is that there is no foolproof way to completely safeguard your business from them. However, businesses that prepare for these kinds of threats and put together plans for ‘worst case scenarios’ are less likely to experience an attack and if they do, are far more likely to recover quickly from it. Encouragingly, over 80% of UK businesses now see cyber security as a high priority, up from 60% in 2016[1], a good sign that awareness and action on cyber security are moving in the right direction.

Ultimately, good cyber security isn’t solely about reliance on technology. Firewalls and VPNs are widely available and aren’t expensive, but they can only do so much. Small businesses should prioritise educating themselves and their people on the basics, like changing passwords regularly, updating software and learning to identify phishing attempts. Not only will this drastically reduce the chances of being caught out by one of the more common cyber threats, it means that should the worst happen, you’ll be prepared!