Protecting your small business against cyber attacks

photo of a man working at a computer

Wednesday, 17 July, 2019

Napoleon once dismissed the British as a nation of shopkeepers, but today, we could more accurately (and less patronisingly) be described as a nation of entrepreneurs.

There are an estimated 5.7 million small and medium-sized enterprises in the UK, including millions of micro-businesses employing less than ten people.

Collectively, these companies generated two trillion pounds of turnover. And every single one will have experienced an attempted cyber attack in the last twelve months.

The threat is real

Contrary to popular belief, cyber attacks don’t just include Distributed Denial of Service (DDoS) assaults on network servers, intended to take a business offline.

The catch-all term ‘cyber attack’ includes phishing – those tiresome “your account has been compromised” emails, or “reset your password” SMS messages.

It includes password theft and brute force login attempts, where an automated program known as a bot attempts to access databases or other sensitive corporate data.

It even extends to technical processes like cross-site scripting attacks, which involve a level of complexity beyond most small business owners.

But how can any entrepreneur or small business owner go about preventing cyber attacks if they don’t know their XSS from their SQL?

These are our tips for keeping companies safe…

Preventing cyber attacks

Develop a security plan. Identify where your firm might be vulnerable – customer databases, ecommerce platforms, etc – and toughen security around any key assets.

Standardise data management. Build on the previous point by using a single software package with consistent security, such as password-encrypted Excel files.

Install and maintain antivirus packages on all computers. Most cyber attacks target desktop PCs, so a proactive antivirus solution will nip many threats in the bud.

Be sparing with IT credentials. Human error or malice underpins many issues, so give junior staff limited IT access – and don’t automatically trust sub-contractors.

Create regular data backups. Ransomware is a growing threat. Create nightly data backups in a secure location to keep the company running if any data is lost.

Educate staff. Don’t assume they know it all. Enforce periodic password changes, explain about phishing, set automatic logouts/screen locks, and show them this blog!

Update all software. Preventing cyber attacks can be as easy as ensuring web browsers, routers, operating systems and software packages are all patched and updated.

Choose strong online partners.The best online hosting firms have a robust approach to security. Don’t skimp by using a cheap firm with less commitment to safety.

Use a firewall. Available in both hardware and software varieties, a firewall provides a discreet extra layer of protection against DDoS and malware attacks.

Always encrypt sensitive data. Give your router a complex password, and send information through it rather than across public (unencrypted) WiFi or 4G networks.

Ensure former staff don’t retain access. Insist on company devices being returned, change all corporate passwords, close their accounts and delete their profiles.

Deploy two-factor authentication. Use 2FA whenever it’s available to deliver an additional layer of security for email accounts, intranet access and account logins.

Approach email with caution. Teach staff to be email wise by scanning attachments before opening them, and not clicking hyperlinks in unsolicited messages.

Consider hiring an expert. An array of ethical hackers, cybercrime experts and freelance security consultants will audit your IT systems and identify improvements.

Follow the news. Set up news alerts to follow current events. This often provides insights into current criminal activities, and new ways of preventing cyber attacks.

Neil Cumins author picture

By:

Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!

News What's the story?

Keep up with the latest developments in UK broadband.

Three launches 5G, EE complains about it

Three's marketing angers competitors over "false" 5G claims.

Three launches 5G, EE complains about it Read more

KCOM buyout means more fibre for Yorkshire

Hull's homegrown ISP sells for more than half a billion.

Read more

Virgin gigabit trials begin in Southampton

Nationwide gigabit takes a big step forwards with Virgin's new network upgrade.

Read more

Tesco customers get triple value with NOW TV

Get the most out of your Clubcard points with streaming discounts.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Broadband Jargon Buster

Get to grips with some commonly misunderstood tech terms!

Broadband Jargon Buster Read more

Signs your computer may have a virus

Read more

What are the risks of using public WiFi?

Read more

How to optimise WiFi connections in old buildings

Read more
Back To Top