5 cyber security tips for small businesses

As a small business, the risk of potential attacks from cyber criminals is much greater than the typically more protected enterprise.

With less protection set in place or IT resources to help your business recover from a breach, a cyber attack can mean the difference between success and failure for your small business.

According to Symantec’s Internet Security Threat Report, there has been a steady increase in attacks targeting businesses with less than 250 employees – with 43% of all attacks targeted at small businesses.

Here are 5 cyber security tips to protect your small business from potentially catastrophic leaks, crashes, errors and hacks.

1. Update your security software

We all get them – those software and system updates offering critical defence against security threats. What you might not have known is that these defences come after malware and other security incidents have occurred.

By ignoring these updates you are leaving unprotected systems vulnerable – creating opportunities for your small business to lose critical information, productivity and money.

Keeping your security software updated can be the first line of defence against malicious activity, be sure you have firewall and antivirus software in place and updated.

2. Back up everything

The data on your business computer will more than likely include important documents and software. Modern computer hard drives can hold massive volumes of data, making the consequences of loss of these documents and software disastrous for your business.

Backups are an easy way for you to protect your data by copying and storing it somewhere other than your computer hard drive.

There are a variety of different methods available for backing up your data. Whichever you choose, it is essential that you plan for total loss of your data and also store your backup device on a different premises.

3. Improve your passwords

Simply using ‘password’ or ‘123456’ as your password for everything just doesn’t cut it. As authentication hacking tools become more complex, your passwords need to do the same. Your password should include diverse characters such as capital letters, numbers and symbols, and be as long as possible.

Using passphrases (a sentence or a sequence of random words) rather than passwords is a great approach to consider. Not only does this result in something that’s difficult to crack, it also results in something that’s generally easier to remember and faster to type than a random password.

Be sure not to share your passwords with others and never reuse passwords; if one site suffers a breach, all of your accounts could be exposed as a result.

4. Ensure employees understand online security

Make sure all your employees understand the basics in online security, and that they may be targeted by online criminals. Employees can often be the biggest security risk to a company – but at the same time, they can be your strongest defence. Taking the time to train them when it comes to protecting your business and your customers online is vital, and that includes making sure they know how to report anything suspicious.

5. Live in the cloud

Cloud storage allows you to move files from your computer to a server in a data centre, away from your home or work. Cloud backup providers essentially ‘rent’ space on their servers for online storage backups.

If you’re using DropBox, Google Drive, or OneDrive – that’s an example of a cloud backup. Cloud backups are highly flexible and storage is scalable.

Cloud computing can offer greater security because no matter what happens to your computer, your data is stored in the cloud and can be accessed anywhere. You can even remotely wipe data from your lost workstation so it doesn’t get into the wrong hands. However, relying on cloud systems means that you can’t take shortcuts with things like passwords, so always follow the advice in section 3. If websites offer two-factor authentication (where a security code is sent to your mobile phone as a second verification step before you log in), then always enable it.





The views, opinions and positions expressed within the British Gas Business Blog are those of the author alone and do not represent those of British Gas. The accuracy, completeness and validity of any statements made within this blog are not guaranteed. British Gas accepts no liability for any errors, omissions or representations. The copyright in the content within the British Gas Business Blog belongs to the authors of such content and any liability with regards to infringement of intellectual property rights remains with them. For more information about the mix of fuels used to generate our electricity simply visit britishgas.co.uk/business/about-us. You can find information about how to make a complaint at britishgas.co.uk/business/complaints.