According to the UK Cyber Security Breaches Survey, nearly 40% of all businesses in the UK have reported a cyber attack in the 12 months preceding the survey. Within that sample, more than 30% suspected they were attached at least once a week. You might be tempted to assume the businesses that were attacked were all large, corporate organisations. However, any business can be the victim of a cyber-attack, so it’s important to ensure your security is up to scratch.
One UK-based tech company we spoke to discussed with us some of the ways that businesses ensure that their online security is sufficient. TechQuarters, an IT support provider London businesses rely on for security, compiled their top 10 tips for security, as listed below:
Backing up your data is an effective way of ensuring that you are insulated against a cyber attack that might result in data loss. There are a wide array of services and software that make it easy to perform backups. The general rule is that a business should backup their data to an off-site location. Nowadays this usually means the Cloud – the advantage of this is that backups can be performed quickly and frequently; and the data can be accessed from anywhere, provided you have the necessary access permissions.
Keep Software and Systems Up-to-Date
One of the key reasons that patch updates and new versions of software are developed is because oftentimes, developers find vulnerabilities and faults in the original or old versions. The updates are designed to eliminate those vulnerabilities, which is exactly why it is important for businesses to ensure that their software and systems are always up-to-date. London IT support companies like TechQuarters include updating software in the services they provide, because businesses often forget, or don’t have the time themselves to perform this kind of maintenance.
Use Anti-virus and Anti-malware software
This should be a prerequisite for not only every business, but every individual that uses technology and the internet on a regular basis. You should have antivirus and antimalware on every device that accesses the internet, and the software should remain up-to-date. There are lot of reliable antivirus and antimalware providers on the market – some good examples are Norton, McAfee, and Bitdefender.
Use Strong, Diverse Passwords & a Password Manager
It is very important to use a diverse range of strong passwords. The minimum requirements for a strong password is that they should contain at least one number, symbol, uppercase letter, and lowercase letter. A strong password should also be more than 8 characters long. Nowadays, hackers use software to quickly crack passwords, but the longer and more complex a password is, the longer it will take to crack (this is known as password entropy). Ideally, passwords should comprise real words and phrases, as these are much harder to crack.
It goes without saying that every password you use should be unique – no using the same password for multiple accounts. To make this easier, it is recommended that you use a trusted password manager – such as LastPass or BitWarden.
Beware of Phishing and Ransomware Attacks
Phishing attacks are scams designed to convince a user to hand over sensitive info, or download a virus to their device. There are lots of ways this happens – for instance, social engineering, where you think you’re talking to someone trustworthy online, but it’s actually a hacker. Other examples of phishing scams include ads on websites that encourage you to click on them and when you do, you are directed to a malicious website, or a virus is discreetly downloaded to your computer or phone.
Ransomware attacks are equally dangerous. These attacks work by stealing your data, or locking you out of an account, and restricting access until you pay a ransom.
Performing regular backups of data is an effective way for businesses to insulate themselves against ransomware attacks, but vigilance is the most effective defence against phishing scams.