Every business that uses the Internet is responsible for producing a culture of security that will promote and develop business and consumer confidence. Cybersecurity is a major concern when it comes to running a small business.
Due to their lack of resources, small businesses have the least-protected website, accounts and network systems – making cyberattacks a fairly easy thing to do.
So what are the key aspects you need to be aware of when it comes to staying safe?
Securely store customer information
It is important to be aware that all businesses are legally required to securely store all customer information so there is no unauthorised access. It is also extremely bad practice to have one easily accessible Excel file full of all your customers’ information. Thankfully, there are many platforms that have bank grade security you can use to store your customers’ information. If you require some suggestions, our internal IT team would gladly provide some proven recommendations.
Invest in security
The frequent return of customers is necessary for your success. So it is incredibly important to protect them and their details. As a small business owner you should be focusing your energy on what you are good at and outsource what you can. It is all too common for business owners to try and build their own website, manage their own emails and attempt to add a payment solution to the ‘home-job’ website. This can be costly long-term, detrimental and time consuming.
Engaging with a professional with a great portfolio and proven experience will ensure that your branding and image remains relevant. We can suggest partner’s who have a proven capability and can vouch for their work. It can be well worth the investment.
Keep details and passwords secure
Don’t have one simple password for everything. If you have a unique password for every website you use then if one of them is compromised you only have to change that password. Email addresses and passwords get leaked constantly and it’s up to you to keep your data and identity secure. Again, there are many tools, apps and even features built-in to common devices like iPhones and Mac’s that will securely manage your passwords for you. We can show you how, just ask.
Beware of email phishing
This is not a typo, nor a method of catching you scaley friends…
You have to make sure emails you send to customers actually get through to them (and don’t end up in the junk folder). Spam email is an inevitable part of our business and personal lives. It is important to be aware that all it takes is for you to click on one dodgy link and you could encrypt your entire computer. Email phishing techniques are getting much more sophisticated.
Why do they target us? Because Australians have the highest pay rate to RansomWare. If something like this happens to you, you don’t want to be forced to pay to have your business files unlocked. This is one of the benefits of automated backups, so your data can easily be rolled back. If you are an existing VIDEN client, our IT team can provide a basic systems review of your business including your backup strategy.
Secure your Wi-Fi networks
If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted and possibly hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Also make sure you change the router access password from the default. Let the person / company who set up your network do it for you if this is beyond your ability.
Backup copies of important data
Try to regularly backup the data on all computers. Critical data includes word processing documents, spreadsheets, databases, financial files, human resources files and accounts receivable/payable files. Backup data automatically if possible, or at least weekly and store the copies either offsite and offline (somewhere safe and separate to your computer and not connected to the internet).
Control physical access to your computers
Prevent access of business computers by unauthorised individuals (this includes the kids). Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords or better still, take advantage of 2-factor authentication and / or biometrics such as TouchID. Administrative privileges should only be given to trusted IT staff and key personnel. Our IT team can further explain what 2-factor and biometrics are…
Best practices on payment cards
Aim to work with banks to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have added security obligations according to agreements with your bank. Isolate payment systems from other less secure programs and don’t use the same computer to process payments. Nothing wrong with being cautious, just not paranoid…
Be aware of common scams
It’s important to know how to identify an illegitimate request for information such as your tax information (a common scam) so be aware of what you share. If you’re unsure about any request for information, or if you feel you may have shared sensitive information with the wrong person, contact the tax department on 1800008540.
We can help with IT too…
Although our main expertise is in accounting, taxation and financial planning; our in-house IT team can provide an independent review of your current IT systems and possibly offer suggestions on what could be improved. Contact us to book a time to avail yourself of this opportunity.
This article was adapted from an original blog post by Jake Cunningham