How to improve the cyber security of your business

I haven’t been attacked or targeted

Why should I improve my cyber security?

Unfortunately, it is not a case of ‘if’ you get attacked but, when. As 80% of businesses are attacked on a daily basis, these attackers send their scams more often, far & wide. We are all targets, they want your money and they will do anything to get it.

Do not get caught out, see our tips below on how to make your business more secure. Prevention is far more cost-effective, than acting after an attack, and will save you time in the long run.

If you have been caught and have lost money, do not be ashamed. Report to your bank and  Action Fraud as soon as possible.

Use passphrases, not passwords

Passwords are often easily guessed, computer brute force passwords and we find that users often use the same password for many websites, platforms or computer logons. This means if your password has been compromised for one website, all of your data could be at risk.

A Passphrase is easier to remember and takes much longer for a computer to guess. However, you can make it even harder by ensuring that it is 12 characters long and must include numbers, and special characters (For example ! or ?) plus upper and lower case characters.

DinoPass and PassWordGenerator are useful websites that you can use to help you make your own unique passwords. As you should make it for yourself so you can remember it and if the website does get compromised you won’t be at risk.

We also suggest that you use a password manager/vault like 1password or Bitwarden to store all your passwords safely.

2 Step Verification

Password/Passphrase alone is not enough anymore, almost all online services offer or require 2-step verification(Also known as 2FA & MFA).

If you are using Microsoft 365 or Google Workspace for your business email and cloud services, MFA can be enforced at an admin level meaning that all your users will have to set it up.

There are a lot of free authenticator apps out there and these are some of the ones we recommend:

Google Authenticator, Authy and Mircosoft Authenticator – please see our guide here 

Be more diligent

When receiving emails/texts/calls take 5 mins to check the following;

  • Always check the sender or the number as it is normally different from the main business number/email address
  • Hover over the link to see where it take
  • Is it addressed to you? Normally scams are very generic
  • Are there spelling or grammar errors?
  • Does the format of the message look odd or out of place?
  • If it has an attachment, is it something you are expecting? Does the name of the file look right?
  • When in doubt, do not reply or click on any link. Ask someone else to have a look at the message and call the company from the number off their website NOT from the message you received

Additional Protection

For businesses, we strongly recommend our Spam filter service which stops email attacks before they hit end user’s mailboxes. You also need a good, paid Anti-Virus solution – we resell ESET and BITDEFENDER.

Backups are so important!

Keep an offline backup of your data, you can purchase an external hard drive, backup your files onto it and then disconnect when not in use. This means that your data is protected when offline/not connected to your pc which prevents attacks (Ransomware normally).

We can set up cloud backups of your data and servers plus have hot-spare copies of your servers ready if a total disaster happens. Our backup services start from as little as £10 + VAT, per month.

If you are not sure want you need or would like some help you can always contact us and we will be happy to quote you on a solution and give you a cyber security checkup.