Most small firms aren’t making online security a priority. But with new data protection legislation coming in, it’s time it was pushed up the agenda…
Despite the EU announcing its General Data Protection Regulation in April, which comes into effect over a period of two years, two thirds of small firms still aren’t making online security a future priority.
A survey from Close Brothers found that 63% of companies have made the decision not to invest in better online security.
Even with Brexit, the new EU regulations would need to be adopted by UK firms wanting to trade with the single market.
This means, now is the time to get your online security systems sorted. Here’s how…
1. Conduct a review
The first step should be conducting a review of all your online system, cloud storage and computer security. You can do this yourself or get in a firm that can find the weak spots in your online security system.
2. Create strong passwords
This is a simple one, but also one of the most effective ways to keep your data secure. Everyone in your company who has access to any form of data or the company network should be choosing strong passwords that are updated regularly.
For strong passwords, try choosing a phrase instead of a word. Then add in both numbers and symbols. You can test the strength of your password online at various websites.
3. Stay updated
Make sure that all your security software is up to date. New viruses are being developed daily by hackers looking to find their way into your data. Security software can help defend against these attacks but only if they are up to date.
Ask one of your team to be in charge of updating the computers when the newest version of your software is released.
4. Train your staff
We’re not expecting all your employees to become hackers but they should be kept up to date on tactics used by hackers to gain access. This includes everything from using the web responsibly – eg don’t go onto any dodgy looking sites – or simply not writing their passwords down and leaving them on the desk.
Hackers don’t always work from a basement somewhere – they can simply walk into your office and copy down details.
With emails, the rule of thumb is that if it looks too good to be true then it probably is. Make sure your staff know not open any attachments that they’re not 100% sure about.
5. Check other devices
These days, not all work is done from a desktop computer in the office. People can be working from a variety of devices from personal tablets to company laptops. These all need to be checked and made secure.
Setting up a virtual private network (VPN) adds another layer of security and allows your team to remotely access the network safely.
Also, simple tasks like making sure mobiles have a password or fingerprint access only can help make your company more secure.
The same goes for like hard-drives. These should be encoded with a password so that if they are left on a train by accident they can’t be accessed.