5 ways to improve your business Cyber Resilience

Effective cyber resilience isn’t expensive. In fact, most cyber attacks on SMEs could be prevented with simple changes on the inside. Gerry Grant, Chief Ethical Hacking Consultant at the Scottish Business Resilience Centre, discusses five of the most effective.

Guide

1. Updates

We all hate pesky update notifications. Many of us even ignore them. The fact is, though, that updates can prove critical to online security. Many hacks could be prevented if systems were kept up to date and patches applied in a timely manner. Take the recent Equifax hack, in which the personal data of some 143 million users was compromised. Reports are now suggesting that the criminals took advantage of a vulnerability for which a patch had been available for several months prior to the attack.

TOP TIP

Regularly check for security updates and apply them for all of your business’s devices and systems.

2. Passwords

Stop thinking about passwords and start thinking about passphrases instead. Take three or four unrelated words and join them together to make a long password. Try to include some numbers and symbols. If you use a password manager, it will help you create a different password for every account that you use and even remember them for you. Many people don’t like the idea of a password manager but they are much safer than using the same password for every account, especially if used in conjunction with two-factor authentication.

TOP TIP

Teach your employees how password manager software works. It won’t take long, and it’ll significantly boost your security.

3. Two-factor authentication

With two-factor authentication enabled, your password isn’t enough to log in to an account; you need a special one-time code or push notification to log in as well. This is normally sent to an affiliated mobile phone when a log in is attempted, meaning that if someone steals your password they won’t be able to access the account unless they have physical access to your second form of authentication. Most computer/mobile applications now offer two-factor authentication, and there are specific apps you can download too.

TOP TIP

Employees can be individually set up on two-factor authentication processes for easy but secure access across your business.

4. Hyper text transfer protocol secure

Sometimes when you connect to a website you’ll see a little green padlock in the address bar. This indicates that the site is using HTTPS, meaning that communication between your computer and the website is encrypted. If a website is only using HTTP, it’s possible for hackers to intercept communications. Some browsers are now highlighting sites that do not use HTTPS as insecure.

TOP TIP

Not using HTTPS could be costing you money. It helps establish trust with users and can raise your search rankings on Google.

5. Wifi hotspots

It’s possible for hackers to intercept communication sent over Wi-Fi networks. They may even be able to trick people in to thinking that they are connected to a genuine Wi-Fi hotspot. Despite the prevalence of Wi-Fi hotspots the general advice is not to use them, especially if you’re accessing sensitive data such as banking, sending confidential information or logging on to social media accounts.

TOP TIP

If you need public internet access then you should rely on a Virtual Private Network (VPN). With a VPN, all traffic between your device and the internet is encrypted.

Get the support you need right now

You can connect with us through the contact form, call us or contact your local Business Gateway office

Contact Us Find my local office

You might also be interested in

Intellectual property: the basics

It’s important to protect your intellectual property rights such as copyright, trade marks, patents and design rights and to avoid infringing the rights of other intellectual property owners.

Starting a high-growth business

Pre-start technology businesses with high-growth potential may be eligible for support from the High Growth Start-up team at Scottish Enterprise. You can get help with finding funding, building your team and business planning.

Non-disclosure agreements

Consider confidentiality before approaching another company or individual when developing your ideas.A non-disclosure agreement (NDA) is a legal contract between you and another party not to disclose information that you have shared for a specific purpose.