# Cyber Spring Clean

How is your business protecting itself? In today’s modern world cyber crime is fast becoming one of the most common crimes committed within the UK.  With a 1 in 2 chance that a small business will experience some form of cyber security breach, it is ever prevalent that measures are put in place to ensure they are protecting themselves.
The government have recently released a campaign called #CyberSpringClean to encourage small businesses to improve their cyber security. The government’s guide gives advice on how you can take small but effective steps to protect your business. With Cyber Attacks being big business within the UK, businesses need to be more proactive in protecting themselves “Action Fraud states that £34.6m was reported to have been stolen from victims between April and September 2018, a 24% increase on the previous six months
By following these simple steps businesses can help save themselves from becoming susceptible to these types of threats. An article by Hackmageddon states that in February 88.5% of attacks were motivated by crime. As you can see from the data on different attack techniques, there are many ways for your data to become compromised. The biggest technique was through malware on devices that equated to 37% of how attacks happened in February 2019.
This is a great campaign to get small businesses thinking about how they might be exposing themselves to cyber criminals. The government guide suggests these simple but effective tasks; which anyone can undertake; help businesses be proactive against any threats they may be susceptible too.

Source: Hackmageddon

#1 Back up Your Data

Your data is basically the lifeline of your business. It contains all your vital information, customer data, supplier information, financial data and other sensitive information that is valuable to an attacker. Have you asked yourself, if you lost your data how would it affect your business? Not only in the short term but also in the long term.

  • Have more than one types of back up (Local and Cloud backups?)
  • What needs backing up (what couldn’t your business survive without?)
  • Ensure you have a regular back up system in place
  • Ensure that backups are tested for consistency

Read our top tips for backing up your data here

#2 Prevent Malware

Malware can infect your Servers and Computers through your software or by using an unsecure website. Once they gain access to your device they can be pulling sensitive data from your system without your knowledge. Below are some of the tools and processes required to help prevent against Malware.

  • Antivirus software that is up to date
  • Up to date IT infrastructure with all security patches applied
  • Using Unified Threat Management firewalls
  • Limit the use of removable storage devices (e.g. usb sticks)
#3 Keep Your Devices Safe

Your mobile phone or tablet can sometimes be more powerful than your computer. This can make them more of a threat than you think, as where you go the device usually does too, therefore exposing your data to wider threats. If these were ever lost or got into the wrong hands all your data would become exposed. Make sure your devices are

  • Password protected
  • Don’t connect to public hotspot when sending sensitive data
  • Ensure devices are update and are still supported by the manufacturer
  • Tracking of devices to allow them to be wiped of sensitive data if lost or stolen
  • Ensure they are updated with latest software and applications
#4 Use Passwords to Protect Data

Using passwords to protect information on your devices puts restrictions in place, which allows you to protect the device from being accessed by unauthorised users. Follow the processes below to tighten up your device security

  • Use 2 factor authentication
  • Change passwords regularly
  • Change default passwords
  • Allow staff a safe place to store passwords
#5 Avoid Phishing Attacks

Fraudulent attempts to gain access to your sensitive data is becoming harder to detect. These are typically sent through emails but can come in other forms. It can be hard to tell whether the information you are receiving is genuine or if it’s fake as criminals find new ways to disguise who they really are to gain access to your information. If you do suspect anything, please ensure you

  • Report all attacks you encounter
  • Ensure spam filters are in place
  • Keep updated with the latest scams going on
  • Ensuring staff are trained to spot suspicious activity
By ensuring you are undertaking these simply processes you will be helping to safeguard your business from potential threats. You still need to have an effective IT plan and systems in place to ensure the security and safeguarding of your business. But ensuring you and your workplace are practising these tips can only strengthen yourself against these types of attacks.
If you would like to read the full guide please click here.
If you need information or assistance with looking after you IT infrastructure, click here to contact us on how we can help you today!
(TwentyFour IT is not associated with, or endorsed by, cyberaware.gov.uk)
Sources: bbc.co.uk/news/uk-47016671;  hackmageddon.com/2019/04/03/february-2019-cyber-attacks-statistics/; actionfraud.police.uk/news/train-up-cyber-security-champions-to-stop-hackers-small-businesses-told