5 steps to cyber security » SMEInsider

5 steps to cyber security

The rapid pace of change in technology and corporate culture makes cyber security increasingly tricky, especially for SMEs that have limited resources to invest. Here are the five basic steps that you should be taking to keep your company’s – and your clients’ – data safe.

  1. Protect against malware

You’ll need to scan for malware across the whole organisation and create defences that are relevant to your organisation. This means making sure that you install updates for all your programmes on a regular basis to plug any security holes – and making sure that you run the updates from an official source, as viruses often masquerade as updates. Just keeping on top of these basics can reduce your computer’s risk of infection by 98%, according to Microsoft. Decent anti-virus software, such as Avast, also protect against spyware.

  1. Make sure you have really strong network security in place

Your networks need to be protected against external and internal attacks. Make sure that you’re filtering out unauthorised access and malicious content, keep the network perimeters to a minimum, and test your security controls for any weaknesses. One very simple thing that can make a big difference is to create a standard user account for your computer or laptop and only use your “administrator” account when you really need to, for example when installing a program. This makes it harder for hackers and malware to get their teeth into your system.

  1. Analyse your business for threats

It’s crucial to work out where on your systems the most important, business-critical information is kept, and how it is transferred when it needs to be. This will help you think about all the different points along the chain where a hacker might try to access your information, allowing you to break down your security into manageable chunks and check that every stage in the process is covered.

  1. Make a contingency plan

Obviously the best case scenario is that you don’t get hacked, but what would happen if you do? How are you going to minimise the threat and shift your data to safety? How will you make sure that a breach in one part of the business doesn’t give access to information stored in another? Is your information properly backed up somewhere totally secure? Thinking about the absolute worst case scenario will often shock you into finding practical solutions that inform your security measures, too.

  1. Set rules for mobile working

No matter how tight your security onsite, it will mean nothing if you abandon it every time you step out of the door. When more and more offices are opting for BYOD and mobile working policies, it’s essential that workers offsite are as vigilant as those in the office. Make sure that the same protections installed on your office computers are also in place on your employees’ ones, and give staff basic training in how to adhere to your security policy.