5 simple steps to reduce your cyber security risk
October is European Cybersecurity Month
October is European Cybersecurity Month. Cybersecurity Month aims to ensure that SMEs are aware of the potential cybersecurity risks and stay safe online with a focus, this year, on Phishing and Ransomware. Many small businesses think they are too insignificant to get attacked. This is a dangerous misconception.
One undisputed cybersecurity trend for 2023 is that hackers will focus on small and medium businesses as easy targets. Hackers are now shifting their focus to smaller companies and using sophisticated tools to target small businesses with phishing emails, texts and phone calls.
No business wants to face the PR nightmare of unwittingly allowing a bad actor to access financial records, employee contracts or, worse, clients’ confidential information. Here are simple measures that any business can take to reduce cyber threats.
1. Foster a zero-trust policy
Did you know 90 per cent of cyber-attacks start with a phishing email?
What is Phishing?
Phishing is a method that hackers use to disguise themselves as genuine businesses, colleagues or contacts to trick you. The aim is to install malware, spyware or ransomware or to access your company’s sensitive data, for example, financial details or customer information.
To counteract this companies must adopt a zero-trust policy when receiving emails. This means you and your employees must be suspicious of every email message, text, phone call and social media link. Don’t be fooled!
The tell-tale signs of phishing emails:
Phishing emails will often mirror colleagues’ names; however, the email address extension looks odd or does not follow the usual pattern. The language will appear urgent, encouraging you to click a link or download something. Other suspicious signs are misspelt words or unusual greetings and footer details.
The best practice is never to click on a link unless you are sure it is safe. If you have any doubts, please verify the message with your colleagues first.
2. Proper Passwords
According to a recent survey, the word ‘passwords’ and 123456 are still among the most popular passwords used in organisations today!
Our MD, Daragh Naughton, predict that passwords will become obsolete. Sleepless has a policy that includes ‘passwordless’ as an option. It uses trusted devices for MFA (Multi-Factor Authentication). It is convenient for businesses with many endpoints and employees with countless passwords to manage.
For those that wish to manage their own passwords, Sleepless recommends a password of no less than 10 characters, using both upper and lower case letters, numbers and special characters. And above all, ALWAYS USE MFA!!! For the highest level of protection, use a Hardware Key, like a YubiKey.
Even better, use a phrase, for example, mycatenjoysmilk but change it up like this: mYc4tEnj0ysm1lK. Who could crack that code?!
Using the same password on multiple devices or platforms is a big no-no! Never share your password with anyone. Using a simple password manager will store them safely; for example, we like 1password.
3. Onboard and Automate
Hybrid working has become the norm post-pandemic. With this new workplace phenomenon, comes additional cybersecurity challenges. Luckily there are simple solutions to ensure that your employees are compliant and stay ahead of any cyber threats.
Convenient IT packages allow team members to conduct meetings, chat with each other on a call or text, use the cloud to share documents safely and continue to use their Apps like SAGE, Pastel or Hubspot. They come with inbuilt fail-safe features to ensure your business can carry on as usual without the threat of hackers hanging over your business.
Setting up staff members has never been easier with systems like Azure Active Directory (AAD). All company devices are managed on your behalf, from Anti-Virus and encryptions to updating your devices to the latest version. Thus ensuring the device stays compliant without you having to think about it.
4. Awareness & Training
Human error is the number-one cause of cyber breaches. The most important decision you can make is to put cyber security on your company’s agenda today. Simple steps include adding cybersecurity to your regular meetings, partnering with an MSP and staying informed on the latest cyber trends by following blogs or investing in staff training.
Training programs are an excellent and cost-effective way to stay one step ahead of bad actors with bite-sized video training, tailored to your industry. Your team can up-skill in all aspects of cyber security but also discover ways to run the organisation more efficiently. For example, an accountancy firm could benefit from share point file management training, a popular tool for collaborating on clients’ accounts, whilst a construction company can save valuable time by becoming proficient in Power BI Dashboards to help them with essential compliance reporting.
There are hundreds of digestible video training (clip training) sessions available covering how to use the cloud efficiently, run a teams’ meeting, become excellent at excel or manage your client list more efficiently.
If you would like to test Sleepless Learning for free, get in touch today for a no-obligation trial.
5. Partnering with a Managed Service Provider (MSP)
Hackers are constantly developing more sophisticated ways to challenge cyber security. Your business must evolve at the same pace or risk cyber threats. One of the benefits of managed cyber security is that it gives business owners the comfort of knowing their IT and security is managed by experts.
Sleepless work with companies from SMEs to large multinationals. Our customers think of Sleepless as their partner in business, working together to make their systems work harder, faster and easier. The key advantage of partnering with Sleepless is that we allow you to concentrate on managing your business rather than your IT systems.
Get in touch today to find out how the cloud can transform your business and leave you fewer sleepless nights.
