10 Aug Be armed, be defended – the best cyber security practices for your small business – Cyber security fundamentals
In the previous article we explored cyber security and the importance of it being at the very forefront of your business concerns, we took a close look at the methods cyber criminals use to attack your systems and learned how disastrous a successful attack can be.
In this article we will take a look at some cyber security fundamentals that will equip you to be prepared for any eventuality you are faced with.
Cyber security fundamentals
Good data backup
As we stated in the previous article, cyber attacks are on the rise. Bearing this in mind, it is integral to have an effective backup strategy in place to safeguard the IT systems and data that your business relies on.
We would recommend the 3-2-1 backup rule. It is a long-tested practice whereby you ensure that there are three copies of your data at all times; two of them should be on separate storage media and one should be stored offsite for disaster recovery purposes. The long and short of it is to hold at the very least three copies of an item in different locations in order to guarantee business continuity in the eventuality of a disaster.
Risk management is the key factor here and Data backup is one of the best risk management tools available – because, instead of merely being a preventative measure, it protects you once the business defining event has already taken place. (This could be perhaps an attack or robbery but also non-malicious complications too such as a flood or fire.) Data backup allows your team to continue trading with the use of all your data no matter the circumstances.
Good password practice is also common sense in the modern world, and everyone has devices and apps that require passwords. As I’m sure you already know, it is not good practice to use common number or letter sequences (like 1234 or ABCD), words or phrases that mean something to you, or names of people and places you’re connected with in some way. To create a password that is as good as it possibly can be you need to use a random assortment of letters, numbers and other characters which have no meaning or any relevance to the user. Make them as long and complicated as possible, but not too hard you forget them!
There are a few basic rules your team should follow in order to ensure that they are setting the strongest possible passwords which will enable them to stand up against the cyber criminals trying to breach them.
- Use multi-factor authentication where it is available.
- If it is too easy to remember – then don’t use it. Avoid easily recalled sequential passwords, recurring numbers (such as 1234, 6789), as well as common words (dog, cat, etc).
- If possible, make sure your password is over 10 characters long and contains a combination of letters and numbers – when it comes to passwords the longer the better!
- Use upper and lower case letters. [SHOULD YOU ALSO USE PUNCTUATION AND OTHER CHARACTERS?]
- Periodically change your password; sometimes accounts are hacked unbeknownst to the account holder.
Some would say passwords are the most important of all cyber security measures that you will put in place. They are the first form of resistance that a cyber criminal will face on his mission to access your system, yet passwords are often overlooked and neglected in order to make things easier for the user. We cannot stress strongly enough the need to set strong passwords! You need to safeguard your digital assets! And never compromise security to make things easier!
To stop unauthorised access, managing permissions to confidential information, sensitive data and system settings – both by individuals within or outside of your organisation – is very important. If a cyber criminal does successfully breach your system, this could result in a Malware intrusion, data loss – or, even worse, theft – or, if the cyber criminals are particularly clever, deliberate changes to your security settings which will present opportunities for attacks at a later date.
Anti-Malware software must be installed on all computers and laptops at home and in the office! Most operating systems come with a free one – DO NOT TRUST IT! These are often basic and offer very limited levels of protection, at levels not sufficient for a business.
As we explained previously, the cyber criminals’ intentions are to encrypt your data – the confusing part is that you need to do it before the criminals can in order to protect it. This sounds counterproductive, I agree. To explain, encrypting your own data is different to it being encrypted by a third party. Data encryption works by scrambling the readable text of your files and documents so they can only be read by the person who holds the ‘key’. It is therefore essential to do this before the criminals do.
Cyber security guaranteed
Since our conception back in 2005, we at Vostron have operated under a series of predetermined guiding principles, agility, people, and approachability. With those principles adopted wholeheartedly throughout everything that we do, along with our progressive approach in helping our clients to achieve their business goals in the most cost-effective and secure way possible, we are proud to say that we have earned the trust of a loyal customer base across the UK (from our home in Southampton).
Please don’t hesitate to get in contact to find out how we can help you!