We’re entering the festive season and it’s tempting to sit back and relax, assuming that so is everyone else. But cyber criminals don’t take annual leave, nor do they, out of the goodness of their hearts, reduce the ferocity and tempo of their attacks just because it’s Christmas.
Here’s what you can do to prevent cyber criminals from preying on you and your business, and impacting the reputation of you or your customers. Think of this protection as an early present to yourself and your company.
Remember that cyber security is not just about the hardware
It is also about the people and processes involved in your business. These work in unison and complement each other to provide a sustainable and robust cyber security posture for your small business.
A good reference is the ISO27001 standard, which contains excellent guidance on implementing good cyber security practices and guidelines. A Google search can bring up numerous references.
It is more of an imperative for SMEs to adopt than for larger enterprises, because a single cyber incident could potentially lead to the demise of a promising small business.
Talk to your staff and family about cyber security
Speak about topics such as being wary of what we download and click whilst surfing, what we post online on any of our social media accounts and making sure that the person we think we have invited as a friend is who they say they are.
Have clear policies for your staff and for your children at home regarding the ‘Cyber Rules of Engagement’. The golden rule: don’t post what you wouldn’t say in public.
Remember that this needs to be reiterated, and the awareness loop must be constant.
Loose lips sink ships!
Don’t ignore your surroundings when holding conversations. Many of us have what we would regard as our ‘personal space’ and we feel uneasy if someone we don’t know ‘invades’ it.
But we forget our voices extend beyond this and people seated two or three rows behind you could be listening to what you have to say. They could be competitors. They could be customers. They could be criminals!
Vet the suppliers in your supply chain
Making sure your suppliers can be trusted is a big part of security because they could represent a real risk to you and your business, so follow a few steps to protect your business by getting to know your suppliers.
You should start by asking your suppliers how they can demonstrate that they are a safe and secure business by providing evidence of certification to security standards like PCI DSS, ISO27001 or Cyber Essentials.
Take a risk-based approach and you will not be caught off guard when something goes wrong with their business.
Remember your customers have entrusted their data and in some cases their personal information to you. They also trust that you will be able to deliver on the service or item that they have purchased or intend to purchase.
Prevent identity theft and don’t become a phishing victim
Be wary of public hotspots and always use a VPN should you need to connect to a Wi-Fi hotspot. A simple Google search will bring up numerous private VPN providers, some of which are free and some of which carry a small cost or subscription.
When transacting online, always make sure that the secure connection status is evident, e.g.
HTTPS://sellyourvehicle.co.uk = Secure, encrypted website link
HTTP://sellyourcar.co.uk = Insecure, unencrypted website link
Secure your operating environment, both physically and digitally
You most likely already have an alarm system or some other sort of armed response security for your business, but have you forgotten about your ‘cyber premises’? You need to ensure that your antivirus software is installed and updated, and that scans occur on a regular basis.
When going out after work during this festive period, make sure that any mobile business assets are securely locked away or out of sight when stored in a vehicle.
This time of year is when laptop and mobile phone thefts and losses experience a significant spike.
Remember passwords are the keys to the house
This is one of the simplest and most effective ways to prevent unwanted parties from accessing your personal data and information. Also, use different passwords for different areas of your digital life.
Think of passwords like your toothbrush.
a) Choose a good one
b) Don’t share it with anyone
c) Change it occasionally
Deon Hanekom is compliance manager at 9 Spokes.