Business IT

5 security basics your small business should be following

By Anthony Caruana on May 30, 2014 3:03PM
5 security basics your small business should be following

Editor's Picks

Building a modern workplace for a remote workforce

Right to repair: Large scale IT buyers can influence product design... and they should

Five minimum features needed in your choice of a business laptop

Venom BlackBook Zero 15 Phantom

They're obvious to some, but not everyone takes these precautions.

Over the last year or so, I've been covering a number of information security, or infosec, events. And I keep hearing the same two messages. The amount of money being spent on security is increasing. The cost and impact of breaches is increasing even more rapidly.

In other words, were spending more and losing more. What can we do?

If you want to reduce the risk of having your systems accessed by unauthorised parties and mitigate the damage when your systems are breached there are a few things you can do.

1. Don’t open links in email

Newsletter Signup

Get the latest business tech news, reviews and guides delivered to your inbox.

I have read and accept the privacy policy and terms and conditions and by submitting my email address I agree to receive the Business IT newsletter and receive special offers on behalf of Business IT, nextmedia and its valued partners. We will not share your details with third parties.

The word is that the eBay hack that was reported last week started when some eBay staff members were duped into opening links on phishing emails. As a result, their user credentials were captured and the bad guys used that information to access the records of over 140 million eBay users.

2. Use complex passwords

Every year, there's a report in the papers telling us that "123456" and "password" are still the most common passwords.

Seriously, use complex passwords that use a combination of upper and lower case letters, numbers and symbols.

3. Keep systems up to date

Those security updates that Microsoft, Apple and others release periodically are important. Many of the systems that are breached are attacked through vulnerabilities that the software companies have fixed and issued patches for.

Update your server and desktop systems regularly.

4. It's not about viruses any more

Most of the attacks made on systems come from compromising people and not systems. Although viruses are still out there, the broader category of malware (a portmanteau of malicious software) includes software that comes from installing dodgy software, accessing dodgy websites and opening untrusted email attachments.

That means your most important line of defence isn’t security software – it's educating your staff. Remember, prevention is the best cure.

5. Practice your breach procedures

You've got some breach procedures written down haven’t you? Things like how to recover data from backups, who to notify if your systems are compromised (customers, suppliers, business partners, service providers) and back up procedures if your IT systems are offline for a few days.

Think about what would happen if your main systems were offline for an hour, day or week and put in place plans for each situation. You might not be able to trade as normal but see if there are ways that will let you keep operating, even if only in a limited way.

The trouble with listening to specific security vendors is that they focus on the problems their solutions solve. But your business needs to think of all the potential risks and actions.

This is where the security industry is letting us down. Their focus is on point solutions. But by looking at how your business runs and how you can work around the loss or compromise of a system you can reduce the risk of your business being crippled if a key system is compromised.

Copyright © BIT (Business IT). All rights reserved.
Tags:
security
By Anthony Caruana
May 30 2014
3:03PM
0 Comments

Related Articles

  • 5 essential digital transformation ideas
  • Edging towards smart city dreams with edge computing
  • How SMEs can ensure business IT security measures are sufficient in an evolving threat landscape
  • 5 Considerations to help businesses with their cybersecurity strategy
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Right to repair: Large scale IT buyers can influence product design... and they should

Right to repair: Large scale IT buyers can influence product design... and they should

Five minimum features needed in your choice of a business laptop

Five minimum features needed in your choice of a business laptop

Building a modern workplace for a remote workforce

Building a modern workplace for a remote workforce

IoT Explained: What is the Internet of Things in Australia (June 2022)

IoT Explained: What is the Internet of Things in Australia (June 2022)

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.