How safe are you? Really?
There’s absolutely no room for complacency when it comes to cyber security – and small businesses are common targets.
Don’t let yourself be hoodwinked by the hackers.
There are good steps you can take to educate yourself and your team and massively reduces those chances.
Things to know, look out for, and small steps to take that can make all the difference – well worth a browse.
Here, we precis.
The piece starts on a sobering note:
‘Small businesses and self-employed people are big targets for hackers, and the financial implications can be crippling. Gone are the days of thinking “It’ll never happen to us”. A total of 61% of all data breaches this year occurred in businesses with fewer than 1,000 employees…’
If that doesn’t make you sit up and take notice…
It also outlines new EU legislation coming into force, it says, next year which could lead to hefty fines if you neglect to keep absolutely secure any personal data.
‘Not only have hacks increased in frequency, but the impact on SMEs is getting much bigger.’
Helpfully the piece highlights a common misconception – that small businesses are extra vulnerable simply because they lack resources.
‘This perception’, says The Guardian, ‘stems from the impression that hacks are vastly complicated, and rely on a tireless horde of highly skilled attackers.’
‘Most hacks aren’t like that. The majority depend on poor passwords and a lack of awareness’ – neither of these require huge budgets to rectify.
But they are very well worth doing.
‘Educating yourself and your staff is the only solution’, says the piece.
‘Hackers always look for soft targets, so start with the basics.’
The Guardian goes on to list 7 simple steps you can take to ensure you’re not among the softest targets. None is onerous – more, simply, a matter of understanding what you’re aiming for, and why.
Following these could save you £millions. Just do it.
Here’s The Guardian’s step by step guide:
#1. Get a strong password, it says, adding that ‘80% of hacking-related breaches use either stolen passwords and/or weak or guessable’ ones. Did you know you can use spaces in a password? Many don’t.
So, says the piece, ‘“horse mug table” is a much better password than “Horse123”.’ Worth knowing.
And it includes a link – here: check how long your password would take to be hacked today!
#2. Make your password unique. It’s no good having an unguessable password that then gets inadvertently leaked. You do need unique passwords for each site/ account you use. ‘We’ve seen massive, trusted companies like LinkedIn and Yahoo leaks millions of passwords over the last few years’, reminds The Guardian.
‘Password managers like LastPass and OnePassword help you generate and keep track of unique and strong passwords.’
#3. Be alert to phishing. Hackers send phishing emails to try to ‘get you to click on their website so that they can install malware or convince you to give them your password’, says The Guardian.
Be alert. Warning signs include, the piece suggests, poor syntax and spelling, and email addresses which contain lots of full stops.
#4. Notice how much personal information you’re already making available – i.e. hackers can potentially access information you share elsewhere, such as on your Facebook profile.
‘Famously’, says the piece, ‘the hackers behind the celebrity iCloud leak in 2014 used information they’d gained from public posts’ to guess personal security answers. Just think.
#5. Notice urls. This is really useful – look out, it says, for urls that start ‘http’ instead of ‘https’. This means ‘your communication with that page is unencrypted’ – insecure, open to ‘a hacker waiting on that page’.
‘If you’re ever entering sensitive information like credit card numbers or personal details, make sure the website has “https” in the website url.’
#6. Accept software updates. Software updates happen ‘for a reason’, is how The Guardian puts it. Do accept them.
‘Usually companies like Microsoft or Apple will discover a vulnerability that might let hackers in, fix it, then offer an update. Always take them up on it.’
It cites the WanaCry attack earlier this year as what happens when organisations don’t. ‘Unpatched vulnerabilities offer gaps into your systems that hackers use to install malware and ransomware, or to just gain control of your systems.’
#7. Finally, encrypt everything, recommends the piece. This means, if hackers do get in, they won’t be able to understand your info. ‘Encrypting your hard drives and databases with a modern algorithm like AES256 is a key defensive tool to protect your data in the event of a breach.’
It points readers to a post explaining how to do this ‘in under an hour’.
Finally, the piece says, think about the bigger picture.
‘Knowledge is the key to cybersecurity, but it’s important to think about the underlying structure of your business and the way it handles data more broadly. Organisation-wide controls and data-protection policies help define sound technological defence, and ensure you know how to respond in the event of a breach.’
There’s more in the piece – read it in full over in The Guardian.
This is not nice-to-know nowadays, it’s need-to-know. And for no one more than a small business owner like you.