Many small and medium businesses avoid thinking about their cybersecurity. This may be for a number of reasons, including fear, financial constraints and human resource issues. Predominately, however, many businesses do not focus on their cybersecurity as they believe cyber threats are only real for large businesses. Unfortunately, small to medium-sized businesses are often the target of malicious cybercriminals due to their weak cybersecurity. Below we look at some commonly overlooked threats in SME cybersecurity.
USB sticks
Due to their small size, USB sticks are portable which makes them incredibly useful. However, USB sticks are therefore also very easy to steal and manipulate if they are not kept in a safe place. Harmful bugs and virus software can be installed on USB sticks so it is essential that you never plug a USB stick into your computer if it has been out of your possession, e.g. if you have been given one for free or if your missing USB stick is miraculously returned to you. It is also important to make sure your USB stick is encrypted and password protected.
Zombie accounts
In 2019, GDPR was undoubtedly a dominant topic, and the new regulations forced businesses to consider how they find and store their data more than ever before. Even if a business is compliant with GDPR, they still need to consider the risk of zombie accounts. Zombie accounts are online accounts closed by their user and then re-opened again by a third party, without the original user’s consent. Business owners should also be aware that zombie accounts can also be the accounts of previous employees, giving hackers access to your website and private business information. Identifying, deactivating and deleting any potential zombie accounts is essential to ensure the safety of your business. Cybersecurity services, such as Cyber Smart, can help you do this.
Data security
To ensure you can maintain the legally required GDPR compliance, storing your client’s data safely is essential. Many businesses find data storage overwhelming and feel they don’t have the time or resources to properly understand or manage their data. There are, however, easy steps you can make to ensure your client’s data is protected.
- Implementing strong passwords is essential to protect your self from a security breach. Using a combination of capital and lower-case letters, numbers and symbols and make it 8 to 12 characters long will make your password hard to crack.
- Install a firewall – In order to have a properly protected network, firewalls are a must. A firewall protects your network by controlling internet traffic coming into and flowing out of your business.
- Making sure your computer is properly patched and updated is a necessary step towards being fully protected. Updating your programs keeps you up-to-date on any recent issues or holes that programmers have fixed.
Cyber Smart can help your business earn Cyber Essentials Plus certification, the highest level of this government-backed certification, helping you ensure your company is safe against the most common threats. In achieving this certification, you can be confident you are protecting your business, data and give your customers the added assurance.
If your business is hit by a cyber-attack, not only could you stand to lose a lot financially, you will also lose the trust of your clients, something that is almost impossible to regain. To ensure you avoid such a problem, contact CyberSmart today and a member of our expert team will help improve your cybersecurity.