Cyber threats: A cyber security checklist for small businesses

Are you concerned about a cyber-security breach impacting your business? You are not alone Cyber security is an important topic in any business. In 2015, …

Are you concerned about a cyber-security breach impacting your business? You are not alone

Cyber security is an important topic in any business. In 2015, we’ve witnessed some very public cyber-attacks followed by reports with rising statistics showing in black and white that no company is safe. Speaking at an Info Security event in 2015 Ciaran Martin, Cyber Security at GCHQ declared that they had been “genuinely surprised by the extent and variety of UK organisations subject to intrusions.”

The government are placing cyber-security as a key part of their agenda but in the meantime where does this leave the small businesses in the UK?

It’s crucial for businesses of all sizes to develop a plan to keep information secure and work safer online. As a support arm for businesses of all sizes, we have put together a quick guide and checklist for business owners who need guidance setting up a cyber-security procedure:

    1. Start with implementing best practise

Go back to basics and assess the core procedures within your business. This includes making sure you have secure passwords, updated software and you routinely monitor the technology devices in your business.

Set aside time to update your passwords every few months and use varying passwords across different platforms. In this case predictability and consistency can be damaging.

    1. Train your employees on cyber security

A quick course or training session can arm your staff with enough knowledge to be cyber vigilant. Basic guidelines are important – do not visit harmful sites, avoid downloading from untrustworthy sources and delete unsolicited emails.

The Information Commissioner’s office have revealed that 93% of incidents that breached data security were due to human error therefore it’s also important to ensure your staff are aware of data protection best practise.

Your employees will also need to be trained on how to handle threats or ideally be encouraged to report anything suspicious to senior members immediately.

    1. Awareness is key

Your staff will no doubt need to be aware of the potential harm and risk of cyber-threats but this vigilance needs to be a fundamental part of business operations.

Be aware of the movement of your staff:

      • If they are working remotely, are their devices secure?
      • Are they logging into information outside of work? If so, they need to report any loss or theft of devices immediately.
      • Are they accessing secure servers when handling secure information online?

If you have freelancers or interns consider how much information they need to access and if an employee leaves the company remember to refresh all security passwords.

    1. Protect your devices

Adopting the right anti-virus software for your business is a basic requirement but many businesses overlook the importance. It’s an investment that will pay off when it comes to cyber security and relieves the pressure of continually monitoring your employee’s browser history. The software will not make your device invincible but it will lower the risk of an attack.

When addressing your software, also assess the security of your server and determine whether your data storage is safe.

    1. Remember to back up

To lessen the impact of a cyber-attack you will need to implement good practise when it comes to backing up your data and documents. Online back-ups are a simple way to apply this procedure to your business on a routine basis without the hassle.

Losing all of your company data and starting from scratch can be damaging – back up, back up, back up!

Most importantly remember that every business is different and the security needs will vary depending on your industry requirements, services, processes and data.

Adjust this list to suit your business and protect your business from a cyber-security breach – better safe than sorry.

Sources –

http://www.computerweekly.com/news/4500247371/Cyber-attacks-hit-wide-array-of-UK-business
http://www.itgovernance.co.uk/blog/93-of-dpa-breaches-caused-by-human-error/es-says-GCHQ