It seems that almost every day another cyber security breach makes the headlines, with countless organisations being targeted by hackers and cyber criminals.
Sadly, this trend is unlikely to reverse. Stealing company and customer data or tricking employees into paying bogus invoices can be a very lucrative enterprise for cyber thieves. And as more and more network and operating system exploits are publicised online and in the news, it can be a quick and easy payday for criminals.
An assault on an organisation's infrastructure or IT systems can have severe consequences. The costs of cleaning up after an attack, the reputational damage to your organisation and potential legal action can spell the end of your business – so securing your organisation against cyber attacks and cyber fraud is crucial. But with many SMEs having little or no in-house IT expertise, it can be a daunting task.
The UK government's 2016 Cyber Security Breaches Survey found that 24% of all UK businesses had experienced a cyber security breach in the past 12 months. For large firms, this figure jumps to a whopping 65%. Ignoring the issue is no longer an option.
There are many ways that businesses can protect themselves against this evolving threat. Here are 10 tips to help protect your organisation from cyber attacks and fraud:
1 – Make a plan, and review it regularly. Develop an understanding of the cyber security risks your organisation faces and put in place policies to reduce those risks. The cyber security landscape is evolving regularly, so keep up to date with the latest trends and threats, and review your protocols regularly.
2 – Ensure that all passwords used within your organisation are strong and changed regularly. Use combinations of uppercase and lowercase letters, numbers and special characters. Use two-factor authentication whenever possible.
3 – Secure your internet connections with a firewall.
4 – Keep all software up to date. Ensure that operating system and browser updates are installed swiftly. Keep all network firmware up to date – for example, your internet router or firewall may receive regular updates from the manufacturer.
5 – Ensure virus protection is installed, up to date, and activated on all computers and servers. This includes Apple Macs – contrary to popular belief, they’re not immune to viruses!
6 – Install virus scanning software on your email server, or use an email hosting provider that removes viruses before they reach you. Services such as Microsoft Office 365 Hosted Exchange email protect your organisation against spam and malware.
7 – Ensure that all portable devices are encrypted and password protected where possible. This includes smartphones, tablets, USB storage devices and SD cards.
8 – Backup, backup, backup. Employ the 3-2-1 backup strategy for backing up your files: three total copies of your files, two of which are stored locally on different storage media or devices, and one copy off-site (e.g. using a cloud backup service). Ensure that you back up regularly.
9 – Beware of phishing scams, and don't confirm financial requests via email. If you're asked to pay someone or make a transfer, confirm the details via telephone – and verify the identity of the person making the request. Cyber criminals target businesses of all sizes in this way by making their scam emails appear to be from your own company employees or suppliers.
10 – Plan for when things go wrong. Have a response and recovery procedure in place, ensure all your employees are familiar with it, and practise it like you would practise a fire drill.
Protection against cyber security breaches and cyber crime has become increasingly important over recent years. Your organisation is solely responsible for its cyber security preparedness, so spend some time ensuring that you're ready for the evolving threats that you might face – or you may face the consequences of a devastating cyber attack.
Lynn Wellings MAAT
Senior Dynamics Consultant