A poll by the Guardian earlier this year found that nearly half of those businesses surveyed had taken no steps to protect their businesses from cybercrime, leaving them vulnerable to risks. Cybercrime attacks (e.g. data corruption, hacking and fraud) are both damaging and costly for a business in terms of reputation, cash flow and profitability - they can cause a small business to collapse. A report by the Department for Business, Innovation and Skills concurs that many small businesses are underestimating the risks the face from cybercrime:
Emma Philpott, CEO of IASME, stated: “Many businesses simply don’t realise they are at risk and assume cyber criminals are only targeting banks or large online retailers”.
Where are the risks?
According to the government, problems arise when staff leave their computers exposed to malware through external devices such as USB sticks; when infected emails are opened; when staff use weak passwords or outdated software; or when staff visit unsafe websites which have “unsafe code” .
How should businesses protect themselves from cybercrime?
The government has launched a website called ‘Cyber Street’ designed to help small businesses protect themselves from cybercrime. Recommendations from Cyber Street include, but are not limited to the following:
- Learn how to spot Phishing scams. Fraudsters who indulge in phishing scams will send fake emails, texts or social media links to you as part of their scheme to steal your private information from you. A popular scam is to pretend to be from your bank or from particular organisations such as HMRC and ask you to click on their links to ‘update your details’ or view ‘important information’ about your account. Websites such as Action Fraud and Get Safe Online are worth visiting regularly to find out about the latest scams.
- Ensure you have the best anti-virus software and malware removal packages. Anti-virus packages will provide good protection from viruses, and although many are free, you can upgrade to obtain greater functionality.
- Always install software updates as soon as they become available. According to Cyber Street, software update releases are timed to “patch vulnerabilities”. Checking for updates manually is also good practice.
- Ensure your passwords are as impenetrable as possible. According to Roboform, you should use a different password for every site and change your password regularly, e.g. monthly. Roboform also recommends passwords that have upper and lowercase letters in addition to numbers and symbols. It’s also important to ensure your mobile devices are password protected. If frequently having to change your password seems like a chore, consider using a password management system which only requires you to remember a master password.
- Shop at sites that use https://. This is an easy way to determine if a site is secure. If a site doesn’t use this in its URL, check reviews about the site before shopping at the site.
- Secure your wireless network. According to Cyber Street, If, when searching for available networks there’s a padlock icon showing next to your network, this means it is secured. Otherwise, you’ll need to create a password, using WPA2 to denote the encryption type.
- Obtain an SSL certificate for your online stores. According to Global Sign, when installed on your server, SSL data files will generate the padlock icon your buyers need to see to enable them to feel secure when shopping on your site. SSL data files enable secure connections from a server to a browser. If you have an online store, you will need to develop a way of differentiating between genuine buyers and bogus fraudsters, too.
You don’t need to have a business to be concerned about cybercrime; and you don’t need to be Sony’s Amy Pascal to feel the pain of a cyber attack. The effects of crime are distressing to everyone, and these tips, as well as the information from the links I’ve shared in this post, should help ensure your time spent online is a safe and secure experience.
Image via Security Intelligence