7 simple cyber steps for small businesses

Some simple steps that small businesses can take to protect themselves from cyber threats

Step 1 – patch and update

Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe.

Further advice on software updates

Step 2 – set complex passwords

One simple way of creating a password is

  1. Take the first letters of a phrase you always remember (i.e. Never cast a clout till may goes out’ Ncactmgo
  2. Add some characters to the phrase, particularly at the beginning $&Ncactmgo
  3. Now add some unique content to help identify the site i.e. Google GE, $&NcactmgoGE
  4. Now add some numbers, i.e. 16 $&NcactmgoGE16

Change your passwords regularly, at least twice a year

Store passwords somewhere safe

Store them off line or in a password manager (your password for your password manager needs to be really complex and not use anywhere else!)

  • Passpack
  • LastPass
  • 1password
  • Keepass
  • Trend Micro Password Manager

Step 3 – install good antivirus and extra email filtering

You do need to invest in good antivirus, free software isn’t good enough these days

  • Web Root
  • Trend Micro
  • Bitdefender
  • Eset
  • Kaspersky

Many cyber-attacks come through email with a link, install a good quality email filtering system such as

  • Fusemail
  • Sophos
  • Mimecast

Step 4 – delete suspicious emails

Delete suspicious emails as they may contain fraudulent requests for information or links to viruses.

Further advice on suspicious emails

Step 5 – set up two factor authentication

If you are using Dropbox, Google Apps, Office 365 or any cloud based software, set up two factor authentication

Usually this means you need your mobile phone with you to approve your sign up. It’s very simple, but it will alert you to any attempts to access your information.

  • Google authenticator
  • Authy
  • entrust

Step 6 – backup

Make sure everything that’s important to you is backed up on line and always keep some backups offline.

Good backup services include

  • iDrive
  • CrashPlan
  • Carbonite
  • Backblaze
  • Mozy

PC mag guide to best online back up services for 2016

Step 7 – train everyone

Make your staff aware of cyber security threats and how to deal with them.

The Government offers free online training courses tailored for you and your staff which take around 60 minutes to complete.

Government courses for directors, staff and other team members

Ensure suppliers are aware of training too!


kate_doodson_south_west_cyber_security_clusterKate Doodson is a member of the South West Cyber Security Cluster steering group and Joint Chief Executive of leading social enterprise and IT company Cosmic UK