Home » Help » Protecting your small business against cyber attacks

Protecting your small business against cyber attacks

photo of a man working at a computer

Wednesday, 17 July, 2019

Napoleon once dismissed the British as a nation of shopkeepers, but today, we could more accurately (and less patronisingly) be described as a nation of entrepreneurs.

There are an estimated 5.7 million small and medium-sized enterprises in the UK, including millions of micro-businesses employing less than ten people.

Collectively, these companies generated two trillion pounds of turnover. And every single one will have experienced an attempted cyber attack in the last twelve months.

The threat is real

Contrary to popular belief, cyber attacks don’t just include Distributed Denial of Service (DDoS) assaults on network servers, intended to take a business offline.

The catch-all term ‘cyber attack’ includes phishing – those tiresome “your account has been compromised” emails, or “reset your password” SMS messages.

It includes password theft and brute force login attempts, where an automated program known as a bot attempts to access databases or other sensitive corporate data.

It even extends to technical processes like cross-site scripting attacks, which involve a level of complexity beyond most small business owners.

But how can any entrepreneur or small business owner go about preventing cyber attacks if they don’t know their XSS from their SQL?

These are our tips for keeping companies safe…

Preventing cyber attacks

Develop a security plan. Identify where your firm might be vulnerable – customer databases, ecommerce platforms, etc – and toughen security around any key assets.

Standardise data management. Build on the previous point by using a single software package with consistent security, such as password-encrypted Excel files.

Install and maintain antivirus packages on all computers. Most cyber attacks target desktop PCs, so a proactive antivirus solution will nip many threats in the bud.

Be sparing with IT credentials. Human error or malice underpins many issues, so give junior staff limited IT access – and don’t automatically trust sub-contractors.

Create regular data backups. Ransomware is a growing threat. Create nightly data backups in a secure location to keep the company running if any data is lost.

Educate staff. Don’t assume they know it all. Enforce periodic password changes, explain about phishing, set automatic logouts/screen locks, and show them this blog!

Update all software. Preventing cyber attacks can be as easy as ensuring web browsers, routers, operating systems and software packages are all patched and updated.

Choose strong online partners.The best online hosting firms have a robust approach to security. Don’t skimp by using a cheap firm with less commitment to safety.

Use a firewall. Available in both hardware and software varieties, a firewall provides a discreet extra layer of protection against DDoS and malware attacks.

Always encrypt sensitive data. Give your router a complex password, and send information through it rather than across public (unencrypted) WiFi or 4G networks.

Ensure former staff don’t retain access. Insist on company devices being returned, change all corporate passwords, close their accounts and delete their profiles.

Deploy two-factor authentication. Use 2FA whenever it’s available to deliver an additional layer of security for email accounts, intranet access and account logins.

Approach email with caution. Teach staff to be email wise by scanning attachments before opening them, and not clicking hyperlinks in unsolicited messages.

Consider hiring an expert. An array of ethical hackers, cybercrime experts and freelance security consultants will audit your IT systems and identify improvements.

Follow the news. Set up news alerts to follow current events. This often provides insights into current criminal activities, and new ways of preventing cyber attacks.

Neil Cumins author picture

By:

Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!

News What's the story?

Keep up with the latest developments in UK broadband.

Can the internet cope with mass self-isolation?

With traffic at unprecedented highs, can the web's infrastructure cope?

Can the internet cope with mass self-isolation?Can the internet cope with mass self-isolation? Read more

UK ISPs remove data caps during pandemic

The UK’s biggest broadband providers have agreed not to limit internet allowances during the current crisis.

Read more

The rise and rise of Chinese tech firms

Read more

The new homes with 1GB broadband connections

Read more

Help Learn with us

Make the most of the internet with our broadband library.

2.4GHz vs 5GHz wifi – what’s the difference?

Many modern routers offer dual-band wifi - but which band should you use?

2.4GHz vs 5GHz wifi – what’s the difference?2.4GHz vs 5GHz wifi – what’s the difference? Read more

What are the best streaming services for children?

Read more

Why do I need to use One Time Passwords?

Must we forever put up with those extra layers of security...

Read more

Can you access the Dark Web without the Tor browser?

Read more