Protecting your small business against cyber attacks

photo of a man working at a computer

Wednesday, 17 July, 2019

Napoleon once dismissed the British as a nation of shopkeepers, but today, we could more accurately (and less patronisingly) be described as a nation of entrepreneurs.

There are an estimated 5.7 million small and medium-sized enterprises in the UK, including millions of micro-businesses employing less than ten people.

Collectively, these companies generated two trillion pounds of turnover. And every single one will have experienced an attempted cyber attack in the last twelve months.

The threat is real

Contrary to popular belief, cyber attacks don’t just include Distributed Denial of Service (DDoS) assaults on network servers, intended to take a business offline.

The catch-all term ‘cyber attack’ includes phishing – those tiresome “your account has been compromised” emails, or “reset your password” SMS messages.

It includes password theft and brute force login attempts, where an automated program known as a bot attempts to access databases or other sensitive corporate data.

It even extends to technical processes like cross-site scripting attacks, which involve a level of complexity beyond most small business owners.

But how can any entrepreneur or small business owner go about preventing cyber attacks if they don’t know their XSS from their SQL?

These are our tips for keeping companies safe…

Preventing cyber attacks

Develop a security plan. Identify where your firm might be vulnerable – customer databases, ecommerce platforms, etc – and toughen security around any key assets.

Standardise data management. Build on the previous point by using a single software package with consistent security, such as password-encrypted Excel files.

Install and maintain antivirus packages on all computers. Most cyber attacks target desktop PCs, so a proactive antivirus solution will nip many threats in the bud.

Be sparing with IT credentials. Human error or malice underpins many issues, so give junior staff limited IT access – and don’t automatically trust sub-contractors.

Create regular data backups. Ransomware is a growing threat. Create nightly data backups in a secure location to keep the company running if any data is lost.

Educate staff. Don’t assume they know it all. Enforce periodic password changes, explain about phishing, set automatic logouts/screen locks, and show them this blog!

Update all software. Preventing cyber attacks can be as easy as ensuring web browsers, routers, operating systems and software packages are all patched and updated.

Choose strong online partners.The best online hosting firms have a robust approach to security. Don’t skimp by using a cheap firm with less commitment to safety.

Use a firewall. Available in both hardware and software varieties, a firewall provides a discreet extra layer of protection against DDoS and malware attacks.

Always encrypt sensitive data. Give your router a complex password, and send information through it rather than across public (unencrypted) WiFi or 4G networks.

Ensure former staff don’t retain access. Insist on company devices being returned, change all corporate passwords, close their accounts and delete their profiles.

Deploy two-factor authentication. Use 2FA whenever it’s available to deliver an additional layer of security for email accounts, intranet access and account logins.

Approach email with caution. Teach staff to be email wise by scanning attachments before opening them, and not clicking hyperlinks in unsolicited messages.

Consider hiring an expert. An array of ethical hackers, cybercrime experts and freelance security consultants will audit your IT systems and identify improvements.

Follow the news. Set up news alerts to follow current events. This often provides insights into current criminal activities, and new ways of preventing cyber attacks.

Neil Cumins author picture

By:

Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!

News What's the story?

Keep up with the latest developments in UK broadband.

United Nations warns of ‘digital welfare dystopia’

The UN has warned internet users of handing over their data to ‘big tech’ and accused companies of exploiting the poorest users.

United Nations warns of ‘digital welfare dystopia’United Nations warns of ‘digital welfare dystopia’ Read more

BT and O2 launch 5G in the same week!

BT and O2 are the latest networks to enter the bitter high street 5G battle.

Read more

UK Porn block for children has been scrapped.

The government’s controversial ‘porn blocker’ plan, mired in delays and problems, has been officially scrapped.

Read more

Gigaclear undertake costly fibre install UNDER River Severn to reach rural customers

The upstart ISP embarks on ambitious plan to ensure rural customers have access to full fibre broadband!

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Minimum connection speeds for common online activities

Read more

How many companies provide full fibre broadband?

Read more