A new year is a perfect time to form habits and set goals for the year ahead. While you might be setting ambitious goals or taking up a new hobby, why not make some cyber security resolutions for your business in 2022 to protect yourself against cyber-attacks and online fraud?
Action Fraud, the UK’s national reporting centre for fraud and cyber-crime, say that one in four small businesses are affected by fraud every year, with costs estimated at £18.9 billion across all sectors. Taking the time to complete some of these simple actions will protect your business year-round from the most common online threats and could potentially save you thousands of pounds and hours of frustration.
In 2022 I will:
- Ensure all my passwords are unique and complex.
- Use two-factor authentication on all accounts where possible.
- Consider using a password manager to store complex passwords.
- Install reputable antivirus software and ensure it is kept updated.
- Schedule regular scans with antivirus software and automate where possible.
- Not ignore any messages my antivirus software generates.
- Keep all software and operating systems up to date with regular patching.
- Consider upgrading devices and software which no longer receive security updates and are end of life.
- Consider uninstalling software which I no longer require as this can help threat actors gain a foothold onto your systems.
- Stick to only installing software from reputable vendors where possible and research any other software prior to installation.
- Avoid unfamiliar websites where possible.
- Ensure websites are using HTTPS when transferring sensitive information (a padlock will appear before the URL).
- Consider installing an ad blocker as advertisements/popups can be used to deliver malware.
- Ensure my Wi-Fi networks are password protected with WPA2 encryption or stronger.
- Avoid using public/communal Wi-Fi where possible and avoid using it for the transmission of sensitive data (such as login/banking information) at all costs.
- Use VPN’s to connect to your business whenever possible as it encrypts your connection.
- Make regular backups of all important files and computers.
- Try to have more than one backup available and attempt to store at least one of them off-site.
- Ensure all backups are stored securely both physically (in locked storage) and digitally (password protected and/or encrypted).
- Test that my backups work by performing a dry run of using them to restore data. All too often this is not tested and when backups do need to be restored, the process does not work correctly.
- Ensure all computers and mobile devices are password protected and encrypted where possible.
- Lock devices when not in use and not leave devices unattended in untrusted locations.
- Avoid inserting unverified removable media (CDs/DVDs/USB Drives) into devices.
- Strictly control the usage of USB drives and block unless essential.
Where can I find more advice?
- Visit FSB's dedicated cyber security and data protection hub for further guidance
- Access resources from the National Cyber Security Centre (NCSC) and Action Fraud
- Check out NCSC's handy guide for small businesses
- Take the Cyber Essentials certification, a Government-backed scheme that will help you to protect your business
Your best defence against cyber-attacks
Protect against unseen threats. Help your business stay in the clear with cyber security support you can trust, backed up by cyber insurance designed for small businesses. Let’s get started