SME Hacks: Small Steps to Help Your Business Combat Cybercrime

When it comes to protecting your business, you wouldn’t head home with your shopfront door wide open after a long and busy day, nor would you allow members of the public to leave with a basket of your goods, minus the payment. For both digital SMEs and bricks-and-mortar businesses also operating online, you should be protecting your business from cybercrime. With the average cost of an SME’s worst form of cyber attack ranging between £65,000 and  £115,000 last year, cyber security may seem invisible and ‘unimportant’, but can prove a costly hit to your business should you wind up exposed.

Government data has shown that in the last 12 months, 40% of small businesses and 60% of medium-sized businesses have experienced some form of cybercrime – whether stealing personal data or hacking into banking/payment systems. While an SME’s cyber fortress may be slightly less sophisticated than a larger corporation’s (some with whole departments dedicated to fraud prevention), there are measures all business owners can put in place to enhance their security. We explore some simple ways you can help keep cybercrime at bay.

Password protection

It may seem like the oldest trick in the book for office-based businesses, but password protection of email accounts, servers, folders and even single documents is key should you wish to limit potential intrusion. When communicating passwords to others, ensure information is shared via a brand new email thread, and prompt your team to update their existing passwords on a regular basis. Password management apps are the best solution to keeping this in check, while also generating secure combinations that cyber criminals won’t be able to crack in a hurry. Two-factor authentication can also help keep your business data watertight, where the buffer of a second device such as a smartphone or tablet is the only way users will be granted access.

Practice cyber hygiene

Making cyber hygiene part of your housekeeping is crucial should you always wish to remain one step ahead.  Hold regular workshops with staff to train them on best practice, set time aside for insightful webinars, or why not invite a cyber fraud expert in for the day. Involving your staff members will help them realise that your business security is a joint responsibility, and that all team members should be on the lookout for weak links. Take time to reassess your in-house policies, such as streamlining staff access to certain file locations to minimise the risk of a breach. If working from a central server, ensure staff are not saving work to their desktops. While technical firewalls are effective, an even stronger ‘human firewall’ can be enforced through simple security awareness.

Partner/supplier security

While your priority of course starts with your own business, the surveillance levels of those external parties working alongside you – your partners, suppliers and clients – could also pose a security threat should they fall by the wayside. As you continue to review your own protocol, take this as an opportunity to learn about theirs and whether this measures up; are their employees equally as cyber-savvy? Would they ever be willing to sign a non-disclosure agreement? Consider any stand-out weaknesses and always be cautious whenever granting third-party access to classified material. For future working relationships, include a clause within your contract so that new partners will know to comply with your standards from the get-go.

Know your threat

Beyond raising awareness and conducting best practice seminars with your staff members, knowing how cyber criminals operate will give you and your employees the best chance of identifying suspicious behaviour. With ‘phishing’ emails said to aid the most common form of malware attack (malicious software designed to cause harm to a victim’s computer system), this is just brushing the surface when it comes to wider hacker activity. From ‘keyloggers’ – monitoring tools used to record keys typed by the end user to gain access to company accounts and networks – to ‘Trojans’ – illegitimate software in disguise giving hackers access to computer systems once installed – these are just some of the terms used to describe the tactics of cyber criminals (and something every SME owner should know about).

By keeping passwords, systems and software updated – as well as enforcing a strict staff awareness policy – your business will be better positioned to withstand what’s around the corner. From company set-up to strategic planning, our business start-up support services are designed to cover all bases. Get in touch with Adams Moore today.