I came across a statistic recently which was 60% of small businesses will fail within 6 months of a cyber attack, which is shocking but also completely understandable, due to loss of earnings, loss of reputation, loss of clients, the impact can be huge. So why is it we don’t take this more seriously. And by the way I am talking about myself too, its so easy to keep piling on with the urgent things we need to do every day, cause clients and deliver work that things that are not considered urgent sit on that ever growing pile of things we know we should be doing but never getting round to doing.
But actually taking some simple precautions and making them part of our day can help to ensure that we never get into the situation of our business failing because of an attack. And whilst you may never be able to stop an attack the more precautions and more prepared you are the less of an impact it will have on you and your business.
1.Use complex Passwords
Its one where I think most of us fall down, and we all know we should be using more complex passwords. I have a huge amount of passwords like most people, for all the sites I visit and thats not including my computers, laptops, iPad, banking and other Apps I have. I have fallen down the trap of using passwords that mean something and the same password across many different sites, and I definitely should have known better!! One of the things that has helped is lastpass, it sits on your browser bar, watching you enter in passwords and asks you if you want to save the password if it detects you are signing on. It also offers to generate strong passwords for you… those ones that look like a random set of numbers letters and symbols.
2.Auto locking of phones / tablets
This is an easy one to setup but often forgotten, although most phones now are forcing you to do this when you first setup your phone. Make sure its on so that when you put your phone down it doesnt fall prey to someone on the off chance taking your phone or tablet in order to see what data you have on it.
3.Make sure you allow updates to install
Windows updates, Office Updates, Browser updates, phone updates, tablet updates…. the list goes on!!! And again its so tempting to keep postponing the update or ignore it because your in the middle of that big presentation!! But updates although can be the bane of our lives are there to protect us from all those nasty loopholes and bugs those people want to exploit to get onto our files. Make sure you have updates scheduled to run regularly and you don’t keep on postponing them!
4.Use Anti-virus software
Its very tempting to try and get away with this one, especially as there is a cost involved and often its not dealt with until its too late and you have a virus or your computer has slowed down to the point you need to go and make a coffee every time you open a file. Norton is still considered the best Anti-virus software around and from £29 for a single licence or £49 to cover 10 devices I dont think this is a bad price.
But if you really cant afford it then Avira is the best free product on the market at time of writing this
5.Don’t click on links in emails from senders you don’t know
Again this is a fairly obvious one, but actually email scams are getting more and more sophisticated. I get emails from what looks like iTunes telling me that I have purchased something I haven’t, I get emails telling me my accounts are about to be suspended as well as the more obvious ones telling me that I have a share in a million pounds if I send some money to release the funds into my bank account!! If you are not sure in anyway dont do it, especially if they are asking you to provide some personal information or download something. One of the things I make a point of now is to login to the site the way I would normally and not using the link in the email. So in the case of iTunes the first time I saw that I was concerned I had purchased something I hadnt meant to, so I went to itunes.apple.com and logged into the account in my normal way, and of course there was no record of the purchase.
6.Use two factor authentication
The idea behind two factor authentication is that its highly unlikely that someone would have two things in their possession to impersonate someone else. You may already be used to this and not realise it, when you email account or bank account wants to text you a code to put into the browser. This code is changed all the time making it virtually impossible for someone to impersonate you. Although of course it means that you have to have your phone with you! Luckily mine never is out of my sight! I highly recommend using this and setting it up with every service that offers this.
7.Be careful what you download
I mentioned this above but one of the highest reasons for getting viruses, malware etc is still from downloading something, many supposedly free software which looks legit is actually masking malware, and as well as that they will often force you to enter personal details to gain the download which then can be sold on. The old adage of if it looks to good to be true then it probably is, is a good one here. Use well known brand names or recommendations from other people to limit your risk of getting malware or viruses on your computer.
8.Take regular backups of everything
This is something that often gets forgotten about until your computer crashes or you delete something you really need!! Or when you have a website hacked which I had recently. So set it up!! And this one is free!
9.Be careful the information you share on social media
Its so easy to get into the flow on social media, sharing your life and what’s important to you, just be aware that people might be gathering a picture of you, so that name of your dog which you use as a password might be useful to someone watching, that postcode of your house you need to send to your friend send privately and ideally on an encrypted channel such as Whatsapp
10.Have a plan, calculate the risks and plan for how you would respond to a cyber attack
Very few people have plans in place for this, even the people like myself who should know better!! But believe me when I say it is worth the time and effort, for that day when everything goes down and you have things in place to cope. This is what will be the difference between an organisation going under after a hacking attack or not! There are some great resources out there to support you getting this together and is easier than you think.