We discuss cybersecurity quite a lot here at totality services—online in our blog and the office. Why? Because it’s such a huge component in the IT solutions that we undertake for our clients, so here are some tips to take into consideration if you want to feel free of cyber worries.
Business safety, protecting your data, and minimising system downtime are all imperative for a company to operate efficiently and within budget.
Keeping your IT security on point should remain a primary concern throughout 2020. The incidents witnessed in 2019 help us to understand the issues we can protect ourselves from, as well a hopeful insight into whatever the next wave of infiltration and digital disaster areas might be.
In this article you’ll discover:
- Small businesses are prime fodder for hacking
- What did we learn about IT security in 2019?
- Email attacks — the number 1 phishing threat
- Data loss and data breaches
- What can, and should we be doing, in 2020?
- Stay aware at all times – everyone is a target
- Cyber security awareness training
- Keep software up to date
- How to avoid phishing, phone and email scams
- Use a better password management system
- Do you know quite what you’re clicking on?
- Keep your devices under strict control
- Protecting sensitive data
- Operating with mobile safety in mind
- Use anti-virus software
- Back up, back up, back up…
- Use a firewall
- Use a VPN
- Two factor authentication
- Stay vigilant then, and stay safe at all times
Small businesses are prime fodder for hacking
The headlines are often reserved for the biggest businesses, yet hackers love the small business. Whether it’s down to smaller budgets to protect systems, or fewer resources to keep up-to-date and on top of the most current attacks. They can’t always hold the same level of protection as their larger counterparts; making much lighter work of removing the critical information and data such hacks are designed to pilfer.
Around three-quarters of cyber-attacks are carried out against businesses with less than 100 employees. Are you one of those businesses operating in an elevated area of risk? We hold all of the security solutions in London businesses need to stay safe.
What did we learn about IT security in 2019?
Well, for one thing, we learned that the profits hailed from traditional ransomware attacks were in decline.
However, those responsible for the attacks responded by shifting their efforts to where they expect to garner more desirable results. It now appears that the areas they expected to see the most success was aiming less traditional attacks at senior managers and executives.
Email attacks — the number 1 phishing threat for
As we expected, email attacks are still the central area of danger from phishing. The sophistication of how they function is increasing and is a prime concern for protection.
Data loss and data breaches from a lack of encryption and inadequate security networks
Protecting our data is vital with so much of our business and financial transactions happening online, so it’s surprising still, that so much data loss occurs due to unencrypted devices and networks with low-grade security.
As much as these areas may sound Greek to non-IT speaking individuals, options are abundant for those searching out an IT solutions company in London to handle security solutions on their behalf. Did you spot the hint there? We’re ready and waiting for your call.
What can, and should we be doing, in 2020?
We’ve produced this straightforward list of items that every small business should be considering; things we think are simple and easy to implement into our digital daily lives. For many, there are plenty that are regularly overlooked and still provide access to prying eyes (and thieving hands) that none of us needs near our data.
How many of the following are you pro-active against? And how many do you need to improve on?
Wherever you fall short, as specialists in IT outsourcing in London, we’re ready to come to your rescue.
Stay aware at all times – everyone is a target
The sad news is that everyone is a target, and nobody is invulnerable to a bout of phishing, hacking, or losing access to their different devices.
As well as every individual in your business remaining vigilant, whoever’s responsible for your IT security should be making sure that every team member is appropriately trained to stay as safe as possible.
Cyber security awareness training
Amazingly, almost all of our cyber-attacks are engineered around social engineering. That’s only 2 or 3% off all cases that don’t involve some element of human interaction. Whether through email, phone calls or text, generally, it’s the manipulation of the operative that allows a weakness to be exploited.
To minimise threats and damage, your staff need to be trained to understand the effects of IT security. How data breaches happen. The sophistication of email scams. How secure are the applications they’re installing and the cloud systems they access? As well as the pitfalls concerning shared login details and weak passwords.
Keep software up to date
Here’s a real nugget of information that a lot of users aren’t aware of; every piece of software we use provides a potential point of unauthorised access.
It’s practically impossible to bolt shut every back door in our software. That’s why so many patches are released to protect you from the latest opportunities revealed by the hackers.
Fortunately, both MacOS and Android operating systems release countless and constant security updates to keep you protected.
Setting your devices to update automatically should be standard for everyone—for all software and applications.
How to avoid phishing, phone and email scams
Around half of all UK employees have clicked on a phishing email at some point in the past 6 months. It’s no wonder that it’s so prevalent then, among attacks on small businesses.
As we’ve already touched upon, it’s the human element that’s the simplest to crack. When your attackers want access to your bank details, credit card or passwords, gaining access is likely to come from email, social media or a simple phone call to find their way in.
Spam filters can block untrustworthy senders, but there will still be messages to slip through; to keep on top of those, education is your best ally. Simple flaws in their presentation should trigger your response—poor spelling, unprofessionally written copy, suspicious-looking URLs—staying aware means staying safe.
Use a better password management system
There are so many ways now to control our passwords. Everyone should be aware that a weak password could easily be cracked.
Password predicting software that looks for real words and patterns are old news, so longer and more complicated passwords are a must, yet remembering them is almost impossible, especially when we’re advised to use a different password for each login.
Password tools are a great way to keep everything tight and in one secure place. They’ll generate strong, secure passwords and store them too. All you have to do is make sure you can remember the single super-strong password you use to access them!
Do you know quite what you’re clicking on?
Your workplace should have policies to control what is considered safe email use and website access in your workplace.
It’s simple for developers to implement malware directly into a website. The same goes for software downloads from untrusted sources. They can often operate silently and granting automatic access that will compromise your computer. Different scripts can be activated clicking the most innocent-looking links. Do you check the links in your browser to check they’re not enabling a java or other script that could lead to a data leak of some sort?
Consider taking steps to protect yourself with browser plug-ins that prevent automatic downloads and keep your browsing safe.
Keep your devices under strict control
It should be too basic to mention, but if you’re going to leave a device or machine unattended, lock it up, and keep it safe from prying eyes and fingers.
There are many ways to speedily remove important information from our devices if left in the right (or wrong!) hands for more than a minute or two.
If you work in a busy office or studio, or if you share a working environment with anyone other than your most-trusted team members, you should lock up your laptop, tablet or PC whenever they’re left unattended. You should also consider their associated accessories, and include them as part of your security routine.
Have you thought about locking your external drives, USB sticks and ports? It’s easy to overlook, but there’s often just as much sensitive information available from those too, and they are rarely protected from any-user access.
Protecting sensitive data
There are designated protection levels regarding our most sensitive data, for example, do you hold information about your bank accounts, credit cards, health information or legal records on any of your computers or devices?
If you do, are they in open access areas or protected by appropriate encryption and secure applications? We shouldn’t have to remind anyone (but we do, and regularly, unbelievably) that you should never have a list of passwords, banking and personal information stored in a file on your PC. Yet so many still do.
We all ride our luck a little at times, but this should be an absolute no-no given the huge issues it can lead to.
Operating with mobile safety in mind
For such a small and easily accessible (and losable) item, you’d think we’d take more care, not only looking after our mobiles but keeping everything they contain safe too.
The basics we should adhere to are simple. Lock them at all times, never leave them unattended, update your operating system whenever available, utilise your mobile’s data encryption, enable the Android Device Manager or Apple’s Find my iPhone in case of worst-case scenarios, and always, ALWAYS, back up your data.
Use anti-virus software
Prevention is better than cure. Every piece of added protection we use is one less chance we have of being infiltrated by hackers and phishers alike.
There are free options for Windows 8 and later users, and there is still a range of trusted options for those using older systems. The same goes for OS users.
Protecting your machines should become a little more straightforward. Be sure to keep virus definitions, and the software itself updated, and make sure you that when you’re choosing your anti-virus software, you pick one that comes from a trusted provider with strong recommendations.
Back up, back up, back up…
We all love a good scary statistic to keep us on our toes, so to make sure you understand the seriousness of the situation, 60% of small businesses that suffer a major data loss close down within 6 months.
Did you just flick the backup switch? I hope so. And I trust you also set it to happen automatically from now on.
Don’t just back up your data though; protect yourself with an ideal backup practice.
We recommend various methods, but ultimately you should have copies of your backups in several locations.
If you’re going to store backups on hard drives or USB sticks, make sure they’re adequately encrypted, and always, ALWAYS have an off-site solution.
If you need advice on the best options available for your business, there are plenty of IT support companies in North London and throughout the Capital. Give us a call with any of your questions. We’ll be happy to organise a consultation and provide a bespoke solution that meets all of your operation’s needs.
Oh, and make sure to include regular backups of your website and email servers too.
Use a firewall
Putting a wall around your business to protect it is a must. A network firewall acts as security for each of your business terminals against unauthorised incoming and outgoing traffic. Windows and OS have firewalls built in—so make sure you’ve turned them on at the very least.
The smaller office should implement a hardware-based firewall to protect their network. Given they’re a little more specialised to set up, leave it to the experts (us!). We offer the complete range of IT support Central London businesses could ever need.
Use a VPN
If anybody in your operation works remotely or regularly accesses public Wi-Fi, a VPN should be a must.
Sniffing tools are increasingly popular and sophisticated. Logging on to a coffee shop or hotel Wi-Fi can leave you vulnerable to snooping. A VPN will protect your data from anyone on the same network and also hide your Internet traffic.
A VPN will connect you to the Internet privately and anonymously, creating a hidden tunnel between you and anyone trying to track you.
Two factor authentication
2FA adds an additional layer of security to the accounts and transactions they’re designed to protect. By utilising a single-use code via mobile phone delivery, or a number generating token or USB stick, it adds an additional step of security to your transaction—bolstering your password or login key.
Two factor authentication isn’t available for all of your login operations, unfortunately, but wherever it is, you should be taking full advantage.
Stay vigilant then, and stay safe at all times
The good news is it doesn’t have to cost you a small fortune to keep safe and on top of security this 2020.
Many of the items recommended above come at a small cost yet offer huge value.
For areas where specialist implementation is required, we understand all the intricacies of business security solutions, offering IT support in South London, North London and Central London locations—we are always ready to take you to the next level.
Don’t take risks with your business IT solutions. After all, you still want to be here in 2021, don’t you?