Home » Running a Business » Business Technology » How an SME can protect themselves from cyber attack

How an SME can protect themselves from cyber attack

Small businesses can be crippled by a single attack on their infrastructure

Owen Gough, SmallBusiness UKby Owen Gough

With the recent news of Yahoo suffering a severe breach of user details, 9 Spokes runs through how small businesses can protect themselves.

Businesses of all sizes face potential risks when operating online and therefore need to consider their protection from cyber attack. SME’s have a lot more to lose than larger enterprises as a single cyber attack may have dire financial consequences and have a direct impact on the future survival of the business.

Small businesses will be a lot more secure from cyber attack if they heed and adopt some of the following recommendations from Deon Hanekom, compliance manager at 9 Spokes.

User awareness is key to any cyber security strategy whether in a large enterprises of 10,000 employees or a small business with a single owner operator.

Train employees about information security and make sure they understand the consequences of cyber attacks. One does not have to go into too much research here as almost every other day a data breach or a celebrity’s social media account is hacked.

Limit employee access to data and information as applicable i.e. apply a role based access requirement lens and only provide the requisite access/authority for the execution of the specific task/function.

Make sure that all your devices are secure by updating the firmware and software on a regular basis or as soon as the manufacturer releases updates or patches. Also ensure that the antivirus software on your devices are kept current as they depend on regular virus signature definitions to be effective and to halt any malware from embedding itself.

Make sure that all network access devices such as routers/modems are secured with WPA2-AES encryption at a minimum and do not broadcast the SSID. Your service provider should have provided guidance around this and should be more than willing to assist you with this.

Document your policies and procedures for cyber security and make sure that they are understood and acknowledged by your team.

Encrypt data at all times, e.g. customer details on your local in-office database. Most cloud service providers can provide these and other services with the extra benefit of backup and disaster recovery services.

Make sure that you have read and understood the requirements of the Data Privacy Act and the requirements of the UK Information Commissioners Office.

If you store customer data (Personal Identifiable Information (PII)), then you need to register with the ICO.

Further reading on cyber attacks

Owen Gough, SmallBusiness UK

Owen Gough

Owen was a reporter for Bonhill Group plc writing across the Smallbusiness.co.uk and Growthbusiness.co.uk titles before moving on to be a Digital Technology reporter for the Express.co.uk.

Related Topics

Cyber Attacks

Related Stories

Business Technology

How to keep your small business safe online

Here's how Security Service Edge from Vodafone can help to protect your SME from ever-increasing cyber threats

Business Technology

Online Booking Systems for Small Businesses

For small businesses that are scouting out online booking systems, we've gathered some of the best on the market.

Business Technology

How to grow a global creative agency in record time

Find out how creative agency, Myth Studio, used technology to grow their business and quadruple their staff count in 18 months

Business Technology

10 card payment machines ideal for small business

Featuring the SumUp Air, Zettle 2, and Small Business Pro, we break down the fees and functions of the best card payment machines for UK small businesses