Five cyber security tips for small business owners

1. Treat emails with caution

If you receive an email that you’re unsure about, there are a few simple checks you can carry out to help determine its authenticity:

• First, check the email address of the sender. If it doesn’t match with the corresponding organisation’s website address, it’s a clear warning that the email could be fraudulent.
• A poorly written email is unlikely to make it through the editorial process of larger, more reputable organisations. A quick proofread is often a good way to gauge an email’s reliability.
• If the copy in the email encourages you to click on a hyperlink, don’t click immediately. Hovering over the link with your mouse will reveal the web address of the link’s destination. If this doesn’t meet with your expectations, don’t click!
• Lastly, if you’re still unsure, consider some other ways to verify the email’s authenticity, like calling the organisation directly on a phone number displayed on their official website.

2. Vary your passwords

Cybercriminals are well aware that people often use the same password for multiple services and will try their luck several times if they manage to hack one of your passwords. To avoid becoming a victim of a credential stuffing attack (a method in which hackers use lists of compromised user credentials to gain access to other systems) you should avoid using the same password across different services.

The passwords you use should be long, difficult to guess and should contain a mix of upper-case and lower-case letters, special characters and numbers. Alternatively, passphrases of three or more keywords (the longer the better), like “weatherdrainhorse”, are also a good method for creating passwords, as they’re easy to remember and difficult to guess.

If you find that you have too many passwords to remember, you should look into using a password manager, an online tool that stores and generates passwords for you. All you need to remember is the master password for the password manager and the tool will take care of the rest.

3. Enable two-factor authentication (2FA) whenever you can

Two-factor authentication (2FA) is technology that requires you to use two different methods to prove your identity in order to access an online account. This usually involves inputting a separate code in addition to your password.

Even the most secure passwords can be hacked, so having two-factor authentication in place gives you and your business an extra level of security against cybercriminals

Even the most secure passwords can be hacked, so having 2FA in place gives you and your business an extra level of security against cybercriminals. Many of the services you use are likely to include two-factor authentication as a feature, so you should have a look at your settings to see if you have the option to activate it.

4. Use antivirus software

If you use a Mac, you’re probably aware that Macs are often considered to be less vulnerable to viruses than Windows PCs. However, this doesn’t mean that Macs are completely safe. Even with a Mac, it’s best practice to install antivirus software.

If you use a non-Mac computer, you should consider using additional antivirus software in order to protect your computer against the latest strains of viruses and malware.

With the abundance of software on the market it can be difficult to choose the right one for your business. If you’re unsure about which software to use, you should consult a security professional to make sure you get it right.

5. Avoid using public wifi networks

Public wifi networks, which are accessible to multiple people and often have no password protection, can be a target for criminals and, unfortunately, your personal or sensitive information could end up being intercepted. Public networks differ from your office or private home wifi, both of which are more likely to be secured with a password and accessed by fewer people.

If you find that you have to use public wifi to work, you should check that you’re connecting to a network that is provided by the premises you’re working from. Once you’re connected, be cautious: don’t access confidential documents or log in to your online bank account while using the network.

If you work from public wifi regularly, it might be worth looking into a virtual private network (VPN). This is a service that keeps your own connection private, even when you’re connected to public wifi.