The benefits of getting online for small businesses are many and undebatable, but with the recent news of government grants available to help small businesses get online, and as we enter the final stages of preparing our new website for launch, we wanted to look at a lesser discussed aspect of doing business online – cyber security.
Cyber security is how businesses protect their computer based technology and information from unauthorised access but just what is at risk? The primary concern for many businesses is the information that could potentially be accessed. Information can take many forms, from your and your clients’ financial details, to customer databases, business pricing information and any manufacturing processes. If this information is online but not protected, then the potential is there to harm your business, whether intentional or accidental.
The good news is that it’s very easy to minimise these risks through proper planning, implementation and continual reviewing. When planning your cyber security, it’s a good idea to do some risk assessments; think about your business’s legal and compliance requirements, analyse your information assets and identify any risks. Assume that all of your IT could be wiped out, and create a plan that allows your business to stay in operation during the crisis.
When you come to implement your plan, you may wish to consult with an expert in cyber security, but essential areas to focus on are malware protection and network security (both external and internal networks), ensure that all your IT equipment is securely configured and all staff members have the correct user privileges. Consider monitoring the use of removable media and BYO (Bring Your Own) devices and make sure you check activity logs and monitor the use of IT systems, as both of these last two steps will help you identify any malicious activity in your systems.
Reviewing your plan at regular intervals will help you identify any increase in risk to your business. Make sure when staff leave that their privileges are immediately revoked and accounts deleted. When you’ve finished using a piece of software or equipment, make sure it is securely disposed of and any sensitive information is deleted. In the unfortunate event that your business is attacked, it is important to understand fully why this happened, remove any malware and address any weak gaps in your security.
As doing business online becomes more commonplace, cyber security will become ever more important. We hope our blog post has got you thinking, we certainly learned a lot with the creation of our new website and are excited to see it live very soon.