Three ways you can update digital security across your business
Business.connected in partnership with Vodafone is an extensive online training programme that will help 100,000 small businesses boost their digital skills. The free 12-month initiative - delivered exclusively online and consisting of workshops, webinars and e-learning modules - will empower businesses to kickstart digital change, adopt new technology, and stay safe online.
ButteredHost head of digital and business.connected adviser Gill Wilson shares why digital security is important for small businesses - and the three things you can put in place to reduce your security risk.
The Uk Domain by Nominet (https://www.theukdomain.uk/get-online/cyber-security-for-smes/)
With thousands of high-profile hacks, ransomware and data breaches you need to make sure you’ve covered all your digital security bases. Don’t think that your company is too small or too new to attract the attention of cyber attackers. Small businesses are just as likely, if not more to be targeted by hackers.
As small business owners this can give us sleepless nights, but the good news is that you can take some simple steps that will go a long way to protecting your digital assets:
1.Change the way you interact with technology
Do you cleverly hide a password under their keyboard on a post-it note? Do you never log out and just shut your laptop? Do you leave your computer on and unlocked while you grab a cuppa?
If you answered yes to ANY of these questions, this can lead to someone gaining access to your computer, especially when you add in working in a remote environment e.g. café or shared workspace.
Here are my top tips for improving the way you interact with technology:
Do not use public Wi-Fi networks when working with sensitive data, these may not be secure and connections are at risk from being intercepted
When you are working remotely be aware of who is behind you and who can see what you are typing into what screen
With over 80% of today’s data breaches being caused by weak, stolen, or reused passwords, remember to re-set passwords regularly
Use password safes to store and share passwords (e.g., LastPass).
Make sure regular software updates are carried out on all your devices and your website
Always use 2-factor authentication where there is an option
If you employee staff or outsource to freelancers, make sure you have security policies and procedures in place and make sure these are communicated
Implement a clear desk policy so client data is not left lying around
2. Get to know how website security works
The majority of business will use a website or website platform. It’s a good idea to familiarise yourself with these four key areas of a website:
Web Application Firewall (WAF): This sits in front of your website to monitor and protect your site. Ensure that your site has a firewall installed. If you use WordPress, use a reputable plugin like Wordfence, Ninja or Securi.
Server: When you are starting out it is tempting to go for cheap hosting servers. Poor quality servers can cost you in terms of SEO, but also security. If someone else’s site on the server gets hacked, then your site can be in jeopardy as well.
Backups: Make sure there are off-site backups – there is no point having a backup on the server that is already compromised as it will probably be compromised as well. Know how often, and how to restore from backup. Ideally run a test restore every month or so to check the process still works as expected.
Transactional websites: If you have a transactional website (a shop, membership, or news site) get backups every few hours at least. You do not want to be in a position where your customer’s order is wiped out after they paid.
3. Be proactive, not reactive to digital security threats
You’ve been hacked, what do you do?
It’s best to be proactive and have a plan in place before this happens, so start today. Build relationships with professionals who can look after your site before you need them for an emergency. You should identify a trusted clean-up service before you need it. That could be your usual web maintenance person. If you can afford it, go for their monthly option and maintain your site well. Don’t forget about insurance – think about what would a big liability payout do to your business if your clients were let down?
Looking for further support with digital security?
Sign up to business.connected today for support with digital security, collaborating with others online, websites, e-commerce and connectivity.