Many SMEs treat cybersecurity as an afterthought. That’s a mistake, according to Gill and Isla Wilson, the wiz web developers behind Buttered Host, both of whom also serve as consulting security experts for Vodafone and as business.connected advisors.
“If you own a building, you invest in contents insurance, but what are you doing to protect your digital assets? You'll buy a lock for your door, right? So why wouldn’t you have a lock on your website?”
From side hustles to homeworking, the pandemic heralded a shift in the way we work. Gill and Isla say that has intensified the threats facing small businesses. They mention that setting up a business online has never been easier, but with so many low-cost services out there, cybersecurity is often kicked into the long grass.
No matter the size or nature of your company, it’s important to understand the value of the data you hold. E-commerce start-ups are in the same boat as your local gardening company.
“You might think: I don't sell anything online, so people aren’t going to steal from me. But there’s so much you can harvest. Even if it’s your password, if someone gets that, they can change privileges on your website and manipulate your visitors”
Brett agrees, adding that he doesn’t think the common cybercriminal is very skilled. They’re social engineers. That means they're part of a wider network of hackers who exchange information online. These criminals use known exploits to access a website, bypassing generic security measures.
“Does the website have a known bypass? Read their Terms of Service, look at what type of security they use. If anything looks new, I’d ask my network: ‘Hey, have you guys encountered this? How did you get past the security?’ Usually, the answer is there.”
Brett thinks the free sharing of information is the hacker's most powerful tool.
“You see it with every single crime that takes place.’”
THE TAKEAWAY: Hackers don’t need to be sophisticated to access your business data. Think about upgrading your website’s security features. Practice good cybersecurity hygiene, such as checking data breaches, and changing your password at least every 90 days (and ideally more often).
Available Monday to Friday, 8am-6pm, our friendly team are here to provide guidance and support on the topics that matter to your business.