A new year is a perfect time to form habits and set goals for the year ahead. Whilst you might be exercising or taking up a new hobby, why not make some digital resolutions for your business in 2021 to protect yourself against cyber-attacks and online fraud?
Taking the time to complete these simple actions will protect your business year-round from the most common online threats and could potentially save you thousands of pounds and hours of frustration.
Action Fraud, the UK’s national reporting centre for fraud and cyber-crime has stated that one in four small businesses are affected by fraud every year, with costs estimated at £18.9 billion across all sectors.
In 2021 I will:
Passwords
- Ensure all my passwords are unique and complex.
- Use two-factor authentication on all accounts where possible.
- Consider using a password manager to store complex passwords.
Antivirus
- Install reputable antivirus software and ensure it is kept updated.
- Schedule regular scans with antivirus software and automate where possible.
- Not ignore any messages my antivirus software generates.
Software
- Keep all software and operating systems up to date with regular patching.
- Consider upgrading devices and software which no longer receive security updates and are end of life.
- Consider uninstalling software which I no longer require as this can help threat actors gain a foothold onto your systems.
- Stick to only installing software from reputable vendors where possible and research any other software prior to installation.
Web Browsing
- Avoid unfamiliar websites where possible.
- Ensure websites are using HTTPS when transferring sensitive information (a padlock will appear before the URL).
- Consider installing an ad blocker as advertisements/popups can be used to deliver malware.
Wi-Fi
- Ensure my Wi-Fi networks are password protected with WPA2 encryption or stronger.
- Avoid using public/communal Wi-Fi where possible and avoid using it for the transmission of sensitive data (such as login/banking information) at all costs.
- Use VPN’s to connect to your business whenever possible as it encrypts your connection.
Backup
- Make regular backups of all important files and computers.
- Try to have more than one backup available and attempt to store at least one of them off-site.
- Ensure all backups are stored securely both physically (in locked storage) and digitally (password protected and/or encrypted).
- Test that my backups work by performing a dry run of using them to restore data. All too often this is not tested and when backups do need to be restored, the process does not work correctly.
Devices
- Ensure all computers and mobile devices are password protected and encrypted where possible.
- Lock devices when not in use and not leave devices unattended in untrusted locations.
- Avoid inserting unverified removable media (CDs/DVDs/USB Drives) into devices.
- Strictly control the usage of USB drives and block unless essential.
Where can I find more advice?
In addition to following industry-standard tips and advice on securing your business, such as cyber policies and cyber insurance, it’s also important to keep up to date with new scams and threats.
The National Cyber Security Centre (NCSC) and Action Fraud’s websites offer resources and guidance for small businesses. NCSC has a handy guide to help protect your business, or you can take the Cyber Essentials certification.
Got a question?
FSB members can call our team of cyber experts from FSB Cyber Protection with any questions, or if you need support with an ongoing incident. We provide jargon-free, actionable advice on how to protect you and your business.
