It’s important to ensure that you are observing best practice to protect your business, your customers and your bottom line. Whilst there is no way to guarantee complete security online, these five simple steps from Phil Upton can be followed by any business to help protect its information.
1. Do all you can to block out malware
Every business should be using anti-spam software, as it will reduce unwanted emails and stop malicious emails before they even arrive in company inboxes.
Phishing emails are malicious emails sent from what will often look like a legitimate source. It might be an email from your bank asking you to confirm information about your account, or something as innocent as Apple asking you to reset your iTunes password. Treat any email asking for information like this with extreme caution and always be sure to check the sender email - this is often a big clue as to whether or not it’s a real request or a criminal trying to steal your details.
2. Use AntiVirus and keep all your systems up-to-date
Every time a customer or client sends you a file or you visit a site online, you open your business up to all sorts of online threats like viruses and malware. Robust AntiVirus software, combined with your email anti-spam settings, can help protect your business against this.
The best AntiVirus software for you is largely determined by your business needs, but some things to consider when making the decision include:
- Does the software offer a support service?
- Does it have an easy-to-use interface?
- Is it highly-rated?
Most AntiVirus software comes with a free trial, and making use of this can be a good way to discover if it's the right fit for your business before committing to the paid-for packages.
Once you have your AntiVirus software installed, it's essential to keep it up-to-date. Viruses and malware are constantly evolving, and if you ignore these system updates then you leave your business vulnerable.
As well as updating your AntiVirus, it's important that all devices have the latest operating system updates installed. When an operating system being run by an employee needs an update, it's crucial to ensure that it's installed as there could be security changes or improvements to configure. It’s best practice to keep automatic updates on and to keep all programs updated to the latest version.
3. Choose strong passwords
A strong password will keep your accounts secure and stop anyone from accessing sensitive data. Your password should be a mixture of uppercase and lowercase letters, as well as numbers and special characters. Avoid using personal information like your date of birth or a pet’s name as these could easily be guessed.
It can be tricky to think of unique passwords, so try using a generator which can help you create a unique password, as well as ticking all the boxes for a secure password.
Another way to increase protection of your company’s network is to keep changing the password. That way, if someone were to attempt to crack it then it would take a lot longer as they would need to have the right password and be between the right dates.
One of the biggest mistakes you can make with password security is noting them down as a reminder. If that piece of paper goes missing – or is seen by somebody – then it grants access to all of your information, no matter how strong a password you have created! Have a conversation with your team to make sure that they are all up-to-date on how to keep their passwords secure.
4. Have a written policy
Having a written policy on everything from the types of sites that your staff can access to who the point of contact is should something go wrong, can make all the difference when it comes to keeping your company safe.
In your policy, it’s best to ensure that you declare which programs can be used and what cannot be downloaded. This will reduce the risk of one employee spreading a virus.
Ensure that all staff are fully-educated, both on the policies and procedures of the company and IT behaviour, so that they can securely surf the web.
It's a good idea to have a person, or group of people, that employees who work in different departments can ask for help from if they need advice or are unsure of anything. Equally, be sure to consider having a secure remote working policy for any employees who may be accessing company emails or data whilst away from the office.
5. Manage incidents
If anything was to happen to your IT systems, regular backups ensure that you have something on which to fall back. Scheduled backups of files will make the business more stable – otherwise, important folders may well be lost.
Take some time to plan for what to do in the event that your business security and client data is compromised. Since the introduction of GDPR in May 2018 it's more important than ever to take a proactive approach to managing incidents.
Hopefully these handy tips can help you avoid or minimize a security breach. Investing in your business’ online security now can save you money, time and a lot of hassle in the long run.
About the Author
Phil Upton is Co-Founder and Managing Director of Purple Creative Studio, which was formed in 2009. With a working career now spanning 46 years, Phil's career path has generally focused on technology-based areas including electronic design work, Information Technology sales, implementation and project management through to software development and solutions for the advertising and creative business sectors.