Digital security is a complicated subject and one that most small businesses don’t have time to look at in any real depth. At the same time, it is a worry, because we have all heard stories of firms that have been hit by cyberattacks and ransomware heists. We tend to only hear about the big events, but that does not mean that smaller businesses don’t get hit too. They do, and a really bad attack can cause significant, often irreparable, harm to a business
Ultimately, small businesses need to keep security in perspective. You could spend a lot of money on securing your systems and data when, in practice, doing a few simple things the right way can make a big difference. This can include making sure you always keep software up to date, and that you have really good passwords in place (and, ideally, these should be changed quite frequently), and making sure your staff are all aware of the dangers.
While many small businesses will perhaps believe that it’s unlikely to happen to them – and even suspect that IT security companies are overstating the risk and selling fear – what they do have to realise is that cybercrime is now big business.
While professional criminal gangs will often target big organisations that have a lot to lose – and may be prepared to pay millions to get their systems and data back – they are also well aware that most businesses are small businesses (in the UK, SMEs accounted for 99.9% of the business population (5.9 million businesses at the start of 2019), according to the government). Criminals take a systematic approach to sending out emails with virus-laden payloads that can cripple your systems, deny you access, and put you in a difficult position.Back to top
Basic protection for business broadband and Wi-Fi
At the very least, all your systems – servers, laptops, desktop PCs and tablets – should have anti-virus software installed. As long as this is kept up to date, this should provide the basic layer of protection that you need to stop any nasty malware getting into your network and causing problems. You need to make sure staff understand the importance of keeping software up to date and are scanning systems regularly to make sure something had not crept onto their system when their guard was down for a moment.
Another basic precaution you can take is making regular backups. Ideally, you should be doing this by taking regular ‘snapshots’ of your data (there are plenty of solutions and services that enable you to do this), or at least backing up systems on a daily basis. This is not difficult and can be entirely automated. It may impact performance of individual systems for a short while, but as long as staff are aware of when it happens and why it matters, it is not going to get in the way.Back to top
Securing your business broadband and Wi-Fi
Your broadband connection is the gateway to your network and, as such, it’s a key focal point for security. If you can prevent any malicious emails or code getting onto the network in the first place, you should not have any problems.
But there is also another route the criminal can and will exploit, if they can, and that’s through your Wi-Fi. Wireless networking is a broadcast technology – and there is no real way to prevent people on or near your premises from picking up the signal from your router. If they can find out (or guess) the password, they should be able to gain access to your Wi-Fi and through it, your systems and data.
Fortunately, there are quite a few simple things you can do that will make it much harder for anyone to break into your wireless network. First of all, you can change the password. All routers come with a pre-set password and it should be unique to that device. But hackers have tools that can make thousands of guesses at passwords, so you can’t rely on the pre-set access code to protect you at all times.
Another thing you can do is deactivate the Wi-Fi protected setup (WPS) on your router. This feature makes it easy for devices like printers to be connected to the router, but it can also be hacked and used to gain unauthorised access.Back to top
Advanced and multi-layered protection
Routers tend to come with a built-in firewall, which will block unauthorised or attempts to access your company network. You can buy more advanced firewalls and security appliances that will give you more features and added protection. This is definitely worth considering if you have a high dependency on your systems and networks. These dedicated security devices will give you added protection in the form of intrusion detection and prevention, content filtering, and analysis of traffic. Some will also pick up unknown or unidentified packages and isolate them until they can be identified as being safe.
These different features are often referred to under the umbrella term of unified threat protection (UTM) – but ‘UTM’ is not a standard of any kind, it’s just a generic acronym. You need to look at the specific features offered to know how much protection a security appliance is going to give you.Back to top
Security policies and training
The final piece of the jigsaw for Wi-Fi and broadband safety is having a security policy and making sure your employees understand the dangers and what they need to do in order to minimise the risks.
A security policy will help you keep software up to date, and also help you to stay on top of security settings, such as password changes. It is important that your staff all read the policy and receive adequate training so they can feel more confident in their roles.
Remember to keep your policy up to date, and if you have any issues with your security policies, go to your IT reseller or solutions provider.Back to top