Human error is by far the most likely way that you will have a security breach of some sort,yet it is also one of the easiest ways to ramp up your protection.
It’s easy to think you’re a small business and no one is interested in what you’re doing, but the fact is, if you make it easy for hackers and fraudsters you become a target by default.
By simply implementing basic security protection, you are less likely to become a target, so here’s our five simple steps to keep you as safe as possible online:-
1. Anti-virus and anti-malware protection
It goes without saying that you should have anti-virus and anti-malware protection in place.
Between them they will stop most of the nasty things out there lurking in cyber space. Anti-virus protects you from the legacy viruses which are still around today, and anti-malware generally tackles all the newer, more sophisticated attacks although it too guards against viruses. Unfortunately, no one tool can protect you against everything so a multi-layered approach is considered the best.
You’ve probably heard this a hundred times but it’s true and we bet you don’t do it: change your passwords regularly.
The more complex your passwords, the stronger they are and the less likely you will find yourself the subject of an attack. Use a combination of capital letters, lower case letters, numbers and symbols. It should be 12 characters long and ideally be a set of random characters although the difficulty then is remembering it. You could come up with a phrase such as ‘my first job was a barman in London, the money was awful, the hours were long but the people were great’ and take the first letter from each ‘MfjwabiL,tmwa,thwlbtpwg’ maybe add a number in ‘MfjwabiL,tmwa,thwlbtpwg8’ for good measure.
You can also purchase a password manager (like LastPass, Dashlane and others…). That way you only have to remember one really strong password for your manager which then randomly generates strong passwords for all your other accounts from banks to social media and online shopping.
The temptation is to use the same password for everything and that means you can be asking for trouble.
Installing a password manager takes the headache away and does the hard work for you.
Often the weakest link in a system is its emails and you only need to mistakenly click on one of these phishing emails and, boom, your security has been breached.
We’ve all seen emails supposedly from HMRC (telling us we’ve overpaid our tax and we’re owed some money, whoop, whoop, the tax man giving us money, that’s not going to happen so DON’T CLICK) or from the Royal Mail or Parcel Force informing us about our delivery (hang on, I didn’t order anything, better check that out, err, no, you didn’t order anything, you don’t need to click).
The important stat you need to know…
Staggering, isn’t it?!
Look out for them. If it looks dodgy or too good to be true, it probably is so don’t click.
This brings us nicely onto your employees.
It is imperative that you make them aware of the kind of phishing emails circulating and what to do if they spot something suspicious.
You also need to have policies in place when it comes to providing information such as bank details to email requests.
Spoofing emails are nothing more than old fashioned con tricks given a digital edge, more common in larger organisations where an email purports to be a supplier or a big boss asking you to transfer payment immediately.
The fraudsters would have been scanning your emails to find the info they need to do a convincing con job. Sometimes they will be looking out for customer information so if you have a car sales site, a scammer may identify a customer who is buying a car and send them an email pretending to be you asking for the deposit or balance to be transferred to an account providing false details.
Of course, the first time a customer becomes aware is when you call to request the funds and the customer relies they have been duped.
If you have strict policies in place such as ‘we never provide bank details by email’ and you make customers aware, it means if your customer receives such an email, they are less likely to fall for the scam and find themselves out of pocket.
Likewise, have strict policies in place for your employees when it comes to email requests for payments.
Educating your employees need not be a costly business. There are plenty of free webinars online providing advice on cyber security. You could start with the government’s own guidance whilst it has also produced information aimed at small businesses.
5. Third party systems
Most businesses will use third party systems to fulfil a variety of functions. In the motor trade, there are a number on the market and chances are you will have a fair few in place.
The bigger your business, the more likely you are to have several systems in operation such as lead management or CRM.
Many of these will be accessed via the internet so you need to be confident your providers have a strong security policy in place.
You will also need to ensure that your systems are fully up-to-date and any patch releases (repairs or fixes) are implemented.
If you are a Carvue user, you can be assured that we practice what we preach and have adopted a multi-layered approach to our security.
We utlise Microsoft cloud services so you can be confident the very best and latest security technology is in operation. It doesn’t matter how big or small a business, all our clients are subject to the same high levels of security.
If you have any questions about our security policy, a member of our team will be able to help provide you with more information.
Hopefully that’s given you some good pointers. Some may be basic, some you may already be doing, but in combination, these 5 tips should make sure that your business and personal data is much safer in a world with increasing online threats.
If you need more help with your IT security, there are plenty of IT security companies out there (like Razoom IT) who can do a review of your garage and make sure that your business is as secure as possible.