5 steps for your business, and a step forwards to cyber resilience

Cyber security and VPN provider, BullGuard identified in a recent survey that 60% of small businesses choose to keep their head in the sand when it comes to cyber breaches and attacks.


The Cyber Resilience Centre for the West Midlands offers a free Core Membership package. The Core Membership has been designed to enable businesses in the West Midlands to sign up for a free online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection.


Through your membership, you will also get regular updates on new threats, designed to help you stay safer.


Below we have given details of 5 basic cyber hygiene steps you can take to improve your business’s cyber resilience.



1. Password Security

Cyber criminals can gain access to your accounts by using software designed to crack passwords, they try one password in lots of places or trick you into disclosing your password through scams.

To improve your business’s cyber resilience, you should create strong, separate passwords, and store them safely to better protect your accounts.

If a cyber criminal had the password to your email account, they could:

  • Reset your other account passwords.

  • Access information you have saved about yourself or your business

2. Three Random Words

Use 3 random words to create a unique and strong password and protect your other important accounts in the same way, for example banking or social media accounts.

Do not use words that are personal and guessed such as your pet’s name. Include numbers and symbols where possible but make them memorable to you.


Use a password manager to help you remember your passwords or save your passwords in your web browser. By saving your password in your browser, you are letting your browser (such as Chrome, Safari or Edge) remember your password for you.


This helps you to not lose or forget your passwords and it can help protect you against some forms of cyber crime, for example fake websites.


You can protect your saved passwords in case your device is lost or stolen by doing the following:

  • Turn off or lock your device when you are not using it.

  • Use a strong password to protect your device.

  • Turn on two-factor authentication for all your devices and accounts.

  • Turn on biometrics (Face ID or Fingerprint recognition) if your device supports this.

3. Turn on two factor authentication (2FA)

Two-factor authentication (2FA) otherwise known as two-step verification or multi-factor authentication was designed to help stop cyber criminals from accessing your accounts even if they obtain your passwords.

Two-factor authentication (2fa) means that two different types of information are required before access will be permitted to allow access to an account or computer system.

Many systems already use 2fa already, most online banking providers do this automatically and you are required to provide more information to prove your identity, such as:

  • a PIN, password or code

  • Biometrics - a fingerprint or face ID

You may have used two factor authentication when answering security questions or knowledge-based authentication to access your accounts or computer systems


4. Don’t ignore updates!

It’s easy to get a software reminder on your device and think, I don’t have time to update now, I’ll do it later. How many times do you forget to go back and do that update?


Software, apps, and operating systems that are out-of-date contain weaknesses; updates are not designed to be an administrative process. They are rolled out to allow you to keep your devices, software, apps, and operating systems as safe as possible.


Turn on automatic updates to allow your systems to do the work for you, this means you won’t have to remember to go back and do that update.


Here are the steps for turning on automatic updates for common software/apps and operating systems:

5. Back Up, Back Up, Back Up!

Backing up your data is critical to ensure that you have a copy of your information and data in case your systems are taken offline by cyber criminals.


Backing up your data regularly means that you will always have a recent version of your information saved.

A good example is if you are a personal trainer running your own business and you hold all your client’s data and information on your computer, if that data gets stolen by a cyber criminal. Would you be able to contact your clients and tell them they need to be on the lookout for spam emails or suspicious activity on their online accounts or would you have lost the contact details you had for them?


Turning on automatic back up’s is a simple way to ensure that you have regular backups of your data and information.

A sensible idea is to have more than one back up, stored in different places. An example being storing data backups on a USB stick or external drive and in a cloud system such as Google Drive or, Microsoft OneDrive.


With 43% of all cyber attacks targeted at small businesses, the threat to businesses from cybercrime is real and growing, so there has never been a more critical time to increase your cyber resilience.


Ready to join us or looking for more information? Visit www.wmcrc.co.uk/membership.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

The Cyber Resilience Centre for the West Midlands is a trusted resource for  support to protect businesses and third sector organisations in the West Midlands region.

USEFUL LINKS

CONNECT WITH US

  • LinkedIn
  • Twitter
  • YouTube

© 2021 - The Cyber Resilience Centre for the West Midlands