Over the past few years, there is no doubt that the media has been swamped with stories about cyber-crime, on a national and global scale. As technology advances, so does the opportunity for cyber-crime. You may be a Celebrity, a Lawyer, an Office Worker, a Director, a CEO, a Shareholder…you may even be a student or graduate, beginning your professional journey. All of this doesn’t matter, cyber-criminals do not care who you are or what you look like, but they do want to find out about you.
Using the internet to do business brings with it huge opportunities and benefits, in fact, in this day-and-age it is almost essential to utilise resources online for businesses to flourish. However, just like a shop or café that has CCTV security, you need to take technological security measures to protect your business (and yourself). Whether your business is large or small, start-up or established, protecting it against the latest web threats has become an increasingly important, yet complicated task.
As proven in the media, the consequences of external attacks, internal security breaches and internet abuse have placed internet safety high on any business agenda. For example, let us take a look at the 2015 scandal which targeted TalkTalk.
156,959 customers had their data breached, 15,656 of these customers had their confidential financial data hacked and 100,000+ customers left the business as a result. The cost of this cyber-breach to TalkTalk was upwards of £60 million! (Data gathered from https://www.rsagroup.com).
This blog intends to explain (in brief) a few things you may need to know about online security and some of the key elements that should help ensure your business is, and remains, safe online.
What steps do I take to protect my business?
1 – Implement strict password policies – This should be common practice in most businesses nowadays. Ensuring your staff have their own individual passwords makes it more difficult for criminals online to access your whole system. It is, however, a good idea for a trusted member of staff (maybe a Director or Manager) to keep track of everyone’s passwords, should an employee leave the business or if there is a breach of security. This will allow easy access onto the system, when a member of staff needs to intervene.
2 – Encrypt your wireless network – Many companies use of WIFI (wireless) networks, but a surprising number fail to secure them. Encrypting your company network by setting a password only your employees know, means that other people cannot ‘piggy back’ onto your signal. You are also likely to need to change your router settings to WEP, WPA (WPA-Personal), and WPA2 (Wi-Fi Protected Access version 2). This all seems very complicated, but it should be a fairly straight forward process outlined in the instructions of your router.
3 – Protect your drives, files and folders – In a similar way to point number 2 (above), encrypting your drives, folders and files on your internal PC’s helps protect external breaches of data. Not all files will need protecting, but any files where confidential / financial information is stored are a good place to start.
4 – Block access to certain sites – By limiting or blocking access to restricted sites, you can prevent employees from downloading any viruses or clicking on ‘unsafe’ links.
5 – Keep up to date – make sure your operating systems are constantly updated and are regularly patched. – A patchis a piece of software designed to update a computer program or its supporting data, to fix or improve it. This includes fixing security vulnerabilities and other bugs which should also improve the usability and/or performance of your systems.
6 – Install the correct software – Have a firewall, as well as software that opposes viruses, spyware and phishing attacks. There are many different types of ant-virus software on the market which all offer a similar thing, but by shopping around you can get some great packages.
7 – Check your ports! – No, we don’t mean shipping ports. USB ports are one of the first places viruses can come into contact with your PC. If a member of staff uses a USB stick (unknowingly holding a virus, ready to transfer to the first PC it comes into contact with), the results can be catastrophic! Disabling these ports or controlling what is plugged into them is always a bright idea.
8 – Choose someone to control your systems – By restricting software and access rights, you may be protecting yourself from a string of problems. Setting up administrative rights so only a couple of people can install software without needing authorisation is a measure worth taking. This is usually a responsibility given to your IT department or Office Manager (or someone who is fairly IT savvy).
All of the steps above should help keep your business safe from cyber-attacks (or at least prevent them). By installing data-loss prevention and risk-assessment software, it’s possible to monitor your entire network’s activities to detect events that could lead to a data breach and detect trespassers before it occurs.
If businesses do nothing, by adopting a “nothing can happen to us” mentality, then it’s only a matter time before a security hack is likely to happen. Look at what happened to TalkTalk – would you rather spend a little on protecting your company or a lot on recovering your data and clients?Tags: blog, blogger, brighton, cyber, cyber-crime, hacker, hove, job, job seeker, new blog, office, office tips, online, online safety, phishing, Pier, Pier Recruitment, protecting your business online, recruiter, recruitment, social media, website
This post was written by Emma Jones