Prevention for Businesses
Many executives believe that only multinational corporations need to worry about being hacked. The reality is far different, with SMEs a main target due to the prevalence of relatively basic security measures. Every business has data that can be used by a hacker, from payroll and client information to email accounts and social media passwords, so the prevention of breaches is paramount even if you’re a sole trader.
Cyber attacks cost British industry £34bn a year* and cause various other problems, such as damaged public relations, a loss of customer trust and countless hours of wasted time. There are numerous actions that you can put in place immediately, which when combined will significantly increase your company’s IT security infrastructure. Follow these tips first, then get in touch if you want to take security to the next level.
Train your staff
This is the place to start, as best practice is essential to online security. Rather than sending an email, we recommend getting everyone together for a meeting to explain exactly why their input is so important. Give them a crib sheet that’s easy to digest and remember, covering fundamental security issues such as refraining from writing down passwords, locking computers when they leave their desks, and never opening emails that look suspicious.
It’s not just the computers in your workplace that can cause a problem. If staff take home laptops, USB sticks and other devices that contain company information, a security breach could take place whilst they’re on another ISP, or even as a result of loss or theft. Encrypted devices require security keys or passwords, making prohibited access practically impossible.
Intrusion detection and prevention
An intrusion prevention system (IDS) monitors a network for malicious activities and policy violations. It then reports any possible issues, allowing you to seal security gaps, track unauthorised visits and prevent future incidents. This is a sophisticated system and an excellent return on investment.
Scans should be performed on a regular basis, weekly if possible, and every system should be checked. Leaving an assessment for months could result in a problem only being detected when substantial damage has been done, compromising the entire IT infrastructure.
By running regular system updates, you’ll download patches to cover security holes. Whilst it’s easy to leave this to individual staff, many will delay or cancel a system update because they see it as an unnecessary disruption to their day. If instead your IT specialist dedicates time to updating all machines before staff arrive, after they leave, during lunch breaks and meetings or at the weekend, you can rest assured that the entire system will run smoothly. In the process, they can also check that anti-virus, anti-spyware and anti-malware software is installed and operational.
Data, files and emails can be lost through hacking, physical failure of a device, accidental deletion, theft, disaster, or even a cuppa being knocked over a hard drive. Everything important should be backed up somewhere, such as an additional machine or USB drive. The most effective and timesaving way to ensure the safety of your files is through online backup, giving true peace of mind and greatly reducing downtime in the event of a security breach.
Find more information and IT security news here.