There’s no doubt that cybercrime is on the rise across the world with data breaches happening on a daily basis. Larger companies are targeted because they tend to hold more valuable data, while small businesses are targeted because they tend to have weaker security measures. There’s no excuse to be complacent with your data because everyone is at risk. That’s why we wanted to share our top 5 cyber security tips that can be implemented almost immediately to help protect your business data.

Cybersecurity Ventures predicts that cybercrime will cost the world more than $6 trillion in 2021. The costs come from damage and destruction of data, stolen money, reduced productivity, theft of personal and financial data, and damage to reputation. It’s easy to think it will never happen to you but thinking like that will only increase the chances that it will happen to you. In fact, there’s nearly a 50/50 chance that your business will experience a cyber-attack. It was reported that 46% of UK businesses experienced data breaches in 2020 and the percentage is likely to increase this year due to the increase of remote working.

However, it’s not all doom and gloom. There are steps you can take to strengthen your cyber security systems to make sure that you’re in the 50% of businesses that don’t lose their data to hackers. The first step is taking the matter seriously. So, the fact you’re seeking out ways to improve cyber security for your business is a great start. The next step is implementing simple changes to your systems and ways of working to make sure that your data stays safe. This article will outline 5 easy cyber security tips that every business should put into action immediately.


Cyber security – what is it?

We’ve touched on why you should care about cyber security but before we discuss our cyber security tips and tricks, let’s outline exactly what cyber security is. Understanding the basic definition of cyber security makes it less daunting and easier to implement. So, what is it?

Cyber Security is a term that describes all the actions that a business or individual takes to protect their digital infrastructure. It refers to the technologies, processes and customs that are used to protect systems, networks, applications, data, and devices from attack, damage, or unauthorised access.


1.    Keeping your software, systems & apps up to date is a powerful but simple cyber tip

Updating your software, systems and apps regularly is cyber security 101. Every update should provide you with new features, performance updates, and bug fixes. All of which reduce the security vulnerabilities that are present on the software, system or app that you are using. This makes it harder for cybercriminals to hack because it constantly changes and reduces the number of entry points into software programs or operating systems.

Let’s look at it this way, if you haven’t updated your system or app for 1 year, a hacker has had 1 year to discover vulnerabilities and develop malware to attack those weak spots. Whereas, if you update every week or every month it reduces the amount of time hackers have to identify and exploit weaknesses.

It’s easy to ignore the update reminders and put them off to next week or next month, especially as the systems, apps and software still work without an update. However, it is just as easy to hit the update button and significantly reduce the threat of cybercrime. It does get more complicated for bigger businesses with large digital landscapes. If you have hundreds of updates to consider it’s important that your IT team plan the updates at the right time to minimise the impact it has on your employees. Just remember that a small amount of downtime is considerably less expensive than a data breach. So, always hit that update button as soon as possible.


2.    Create strong passwords & use a password manager

Our second cyber security tip is another one that is often overlooked because of its simplicity. Once you know the statistics around passwords and data-breaches your attitude towards passwords might change. The 2019 Verizon data breach investigations report found that 80% of hacking-related breaches were tied to weak and compromised passwords. Passwords can become comprised through phishing attacks so you and your employees must know how to spot and avoid them. Also, password hacking technology has evolved to the point where hackers have the ability to try 350 billion guesses per second. This means that if targeted, it’s only a matter of time that weak passwords are cracked by brute force attacks.

The best way to protect against cyberattacks from weak and comprised passwords is to regularly update passwords and to make the passwords stronger. Here are some of the basics to consider when creating strong passwords:

  •     Avoid sequential numbers, letters and personal information (DOB, age, name, etc.)
  •     Do not include ‘password’ in your password!
  •     Passwords containing less than 12 characters are considered weak
  •     Use 15 characters or more if possible
  •     Use a mixture of uppercase, lowercase, numbers, and symbols
  •     Avoid common number substitutions (Pa55word, Driv3r1, 8o8smith1)
  •     Don’t use sequential keyboard paths like qwerty or zxcvb
  •     Use random sentences that only you can remember (yelloWCucumbersandwiches1#)
  •     Mix languages in the same password
  •     Use different passwords for different accounts, applications and login credentials
  •     Use a random password generator

The main excuse for not creating strong passwords is “I’ll never remember that”. Luckily, password managers exist which will do all of the remembering for you. So, you can create ludicrously complex passwords that no hacker would ever guess. The catch is that you will have to remember the password to your password manager. For that, it’s important that you and your employees choose a very secure password and find a way to remember it. If you’re worried about forgetting it try writing it down on a piece of paper and storing it safely at home. That way if you forget you can still access your passwords.


3.    Protect data by using a remote access virtual private network (VPN)

VPNs allow you to create an encrypted network protection system that enables safe communication between devices (phone, laptops, tablets) and company networks. It enables you to protect your data from hackers even when your employees are working remotely or on public Wi-Fi. Your employees’ devices are more vulnerable to attack when working from home, or in a café for example because those networks tend to have less security than your company Wi-Fi or intranet. When using a VPN, the data sent between your device and company network still passes through the vulnerable spaces. However, the data is encrypted so that only the device and the network can understand the data. So, even if a hacker does manage to intercept the data, it will just look like gibberish.

The best way to find the good VPN for your business is to speak with either your in-house IT team or third-party IT professionals. They should be able to point you in the direction of a cost-effective VPN software that will protect your data. However, if you do go it alone, here’s how to pick the right VPN:

  •     VPNs for businesses should have a dedicated IP address and a dedicated server for the best security. VPNs for individual use work on shared servers so make sure to avoid those
  •     It should have multiple server locations to improve speed and performance
  •     You will need to make sure you select a service that allows multiple users (enough for all your employees)
  •     It should be scalable to accommodate more users as your business grows
  •     Two-factor authentication for increased security
  •     Easy to set up, manage and use
  •     24/7 customer support


4.    Introduce two-factor authentication (2FA)

Our simple but effective cyber security tip number four is to enable two-factor authentication to add additional security to your logins. This is particularly important for areas of your network that hold your most sensitive data. For example, your finance server or the place where all your customer’s personal information might be stored. 2FA software ensures that only authorised users have access to specific areas of your network. As well as protecting your network from outside threats, it also protects your data from inside threats such as unauthorised employees accessing sensitive data.

The process usually involves users having to input a code that is provided by an authentication app, SMS or text message after they have logged in with a username and password. The code can be a one-time password that expires after it’s been used or a time-sensitive password that expires after 30 or 60 seconds. If you want to be extra secure, you could find one of the services that use biometric data like fingerprints or face ID as the secondary password. Two-factor authentications simply add another layer of security making it more difficult for your data to be breached. For the sake of an additional 10 seconds every time you log in, it’s worth it.


5.    Train your staff and promote a security culture within your business

Last, but certainly not least, is the task of teaching your staff about how to perform all of the above-mentioned security protocols, and how to spot and avoid harmful phishing attacks. Even with the most advanced security protocols and software, human error is also a huge weakness for any business’s cyber security. So, having a clear security protocol and taking the time to make your staff aware of it is key.

Be under no illusion that getting employees to be motivated about cyber security is a challenge in itself. So, get creative with the delivery of cyber security training so people pay attention rather than nod off during the meeting. It also needs to happen more than once a year and not just in employee onboarding sessions. If you’re serious about cyber security, your systems will be updated and changed throughout the year which means your staff will need to be updated on how to use them.

Final thoughts on how to keep your data safe

Cyber security is one of the biggest risks to any business operating in today’s digital world. A data breach can not only cost you in terms of money but also in terms of your reputation. However, this article has given you five easy cyber security tips that you can start implementing right now. If you want to find out more about how to improve cyber security for your business, feel free to give OHC a call and one of our experts can explain how we can enhance your cyber security.



Originally published Apr 12, 2021 02:26:11 PM, updated June 11 2021

See how we can help your business grow with full IT Support Contact Us