- Use appropriate Malware protection software. Make sure you have comprehensive Anti-Virus software that protects your web browsing, email and scans your devices on a regular schedule. Remember, you generally get what you pay for so it’s worth choosing a good one. And using to different systems will increase your chances of detecting threats.
- Control who has access to your systems. Make sure only those people that really need access to your systems are given it. And then ensure it is only those individuals who do actually access your systems. There are a variety of measures you can take, such as using Multi Factor Authentication, separating Admin and User accounts and using biometric security (touch ID/Face ID) on phones and any other devices where it is available.
- Ensure your software and security is up to date. Keeping on top of managing updates/patches ensures your software runs smoothly but also fixes vulnerabilities on your software that is susceptible to cyber-attacks.
- Establish an effective firewall. Firewalls create a buffer between your internal network and other, external networks. Firewalls monitor all network traffic and can identify and block unwanted or harmful traffic, such as criminals trying to breach your network.
- Secure configuration. Manufacturers often set default configurations for new software and devices to be as open and multi-functional as possible. While this makes it easier to start using new software it’s not particularly secure, and is one of the most common gaps that criminals seek to exploit. Ensure that you don’t use default or factory settings and passwords. And review the features available on the software and lock down those that aren’t required.
- Email. It’s estimated that email is the source of 80% of the viruses or ransomware that get into an organisation. Ensure your email security is set correctly – this can depend on the size of the company and which email service is being used.
- USB and drives. Though less common now, a USB drive is a convenient method of storing and sharing or transferring larger files. However, USB drives can be used to distribute viruses. If a USB drive is misplaced, lost or stolen, sensitive information can also be disclosed.
- Testing and monitoring: Ensure that your IT team or your external IT consultants are carrying out regular tests to assess your systems vulnerability to attack. If you do have a virus, it’s best to identify and deal with it as soon as possible. While the above tips are a starting point, we strongly advise you to seek expert help to set up and monitor your technology measures.
Your staff
There’s an old saying that “prevention is better than cure”. This is particularly true with cybercrime, given the serious impact a successful attack can have on your business. So, while technology may be your first line of defence, your own employees are a second barrier to criminals. Human intelligence, and intuition, are often the most effective way to identify more subtle and sophisticated cyber-attacks.
Build a Cyber Smart culture
It’s important to create a company culture where staff know and understand what is expected of them and feel empowered and encouraged to report any suspicions. Are your staff suitably educated about the danger and different types of cybercrime? Is it easy for staff to report suspicions? Do you reward staff who identify and prevent cyber-attacks? How up to date are you with the latest cyber threats and methods employed by criminals?
Training To successfully fight cybercrime, your staff need to know what they are looking for. A focus on general awareness and the common types of cyber-attacks will help them identify and prevent threats.