Some simple steps that small businesses can take to protect themselves from cyber threats
Step 1 – patch and update
Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe.
Step 2 – set complex passwords
One simple way of creating a password is
- Take the first letters of a phrase you always remember (i.e. Never cast a clout till may goes out’ Ncactmgo
- Add some characters to the phrase, particularly at the beginning $&Ncactmgo
- Now add some unique content to help identify the site i.e. Google GE, $&NcactmgoGE
- Now add some numbers, i.e. 16 $&NcactmgoGE16
Change your passwords regularly, at least twice a year
Store passwords somewhere safe
Store them off line or in a password manager (your password for your password manager needs to be really complex and not use anywhere else!)
- Trend Micro Password Manager
Step 3 – install good antivirus and extra email filtering
You do need to invest in good antivirus, free software isn’t good enough these days
- Web Root
- Trend Micro
Many cyber-attacks come through email with a link, install a good quality email filtering system such as
Step 4 – delete suspicious emails
Delete suspicious emails as they may contain fraudulent requests for information or links to viruses.
Step 5 – set up two factor authentication
If you are using Dropbox, Google Apps, Office 365 or any cloud based software, set up two factor authentication
Usually this means you need your mobile phone with you to approve your sign up. It’s very simple, but it will alert you to any attempts to access your information.
- Google authenticator
Step 6 – backup
Make sure everything that’s important to you is backed up on line and always keep some backups offline.
Good backup services include
Step 7 – train everyone
Make your staff aware of cyber security threats and how to deal with them.
The Government offers free online training courses tailored for you and your staff which take around 60 minutes to complete.
Ensure suppliers are aware of training too!
Kate Doodson is a member of the South West Cyber Security Cluster steering group and Joint Chief Executive of leading social enterprise and IT company Cosmic UK