23 Mar Cyber Security in your small business – The fundamentals
In the last blog in the series, we explored cyber security and how it should be at the forefront of concerns within a business, we looked at different methods that cyber-criminals use to attack your systems and learned how damaging they can be.
In the remaining blogs in this section, we will take a look at some fundamentals of cyber security that will ensure you are defended to the best possible standard.
Cyber Security fundamentals
Good data backup
With Cyber-attacks on the increase, it is more important than ever to have an effective backup strategy in place to safeguard the IT systems and data that your business relies on.
A good place to start is the 3-2-1 backup rule. This is a time-tested practice whereby three copies of the data exist, two of which should be on separate storage media and one of which should be stored offsite (in the cloud, for example) for disaster recovery purposes. Basically, ensure you hold at least three copies of an item in separate locations as backups to ensure business continuity.
Data backup is a risk management tool – instead of acting as a preventative measure, it protects you in the event of an attack or robber, but also non-malicious complications, such as flooding or fire. In short, it allows you and your team to continue trading with the use of all your relevant data no matter the circumstances.
We all know that good password practice is largely common sense. Don’t use common number/letter sequences, words or phrases that mean something to you or names of people and places you’re connected with in some way. The best passwords feature random assortments of letters, numbers and other characters which have no meaning or any relevance to the user. You should make them as long as possible, but don’t forget them!
There are some principles you and your team should follow in order to ensure you are setting strong enough passwords to stand up to scrutiny and keep your accounts as secure as possible.
- Use multi-factor authentication where it is available.
- If it is too easy to remember – then don’t use it. Avoid easily recalled sequential passwords, recurring numbers (such as 1234, 6789), as well as common words (dog, cat, etc).
- The longer, the better; if possible, make sure your password is over 10 characters long and contains a combination of letters and numbers.
- Use upper and lower case letters.
- Periodically change your password; sometimes accounts are hacked unbeknownst to the account holder.
Arguably, passwords are the most important of all cyber security measures you will have in your arsenal. They are on the front line and are the first hurdle a criminal will face when attempting an attack on your system, yet they are often overlooked and neglected, in order to make things easier for the user themselves. Setting strong passwords is essential to safeguarding your digital assets against online criminals. Don’t compromise security for convenience!
To stop unauthorised access, managing permissions to confidential information, sensitive data and system settings – both by individuals within or outside of your organisation – is very important. A breach of access could result in a Malware intrusion, data theft/loss, or deliberate changes to your security settings which will likely present opportunities for cybercriminals.
You need to install Anti-Malware on all computers and laptops at home and in the office. Do not trust the free one from the manufacturer that was included with your operating system – these are often basic and offer very limited levels of protection.
This can be quite confusing to get your head around. As we explained previously, cyber criminals’ intentions are to encrypt your data – the confusing part is that you need to do it before the criminals can. Understand? I would be surprised if you did. To explain, encrypting your own data is different to it being encrypted by a third party. Data encryption works by essentially scrambling the readable text of your files and documents so they can only be read by the person who holds the ‘key’. It is therefore essential to do this before the criminals do.
In the last blog in the series, we will explore some specific cyber security measures that aren’t as broadly used or known about as the above.
Cyber Security for your business with Urban
Do you want your business to be protected to the best possible standard? Do you want a provider that monitors your systems regularly to ensure that a high standard of security is maintained at all times? Look no further than Urban Network! Our team of experts add layers of additional security to whatever existing measures you have in place. We will liaise with you to ensure that there are comprehensive policies in place for password control, access control, network housekeeping, and, importantly, remote access and BYOD policies. We can look at the current implementations of any facet of your network and give advice on industry best practices to ensure your business is sufficiently covering your risk. Contact us now to find out how we can help you!