With the world becoming increasingly digital, even for the smallest business with no direct ties to the IT world, digital security needs to be a serious consideration for every business owner.
Data breaches cost UK businesses tens of millions of pounds. Add to that the GDPR, coming into effect in 2018, which can levy massive fines in the event of a data breach, and information security is more important than ever.
For a small business, it can be intimidating to adopt information security measures, but it doesn’t have to be. Here are five easy and inexpensive ways to improve your business’s security.
Maintain a strong password policy
The best way for a hacker to access a system isn’t through some unknown loophole or software backdoor, but with legitimate login credentials. If you use any simple or easy to remember passwords, you are leaving your business open to a hacker simply guessing your passwords.
Restrict the number of failed login attempts
With no restrictions on login attempts, a hacker can, given enough time, ‘brute force’ their way into a system. That is, set up a program to try every possible password combination, or at least every possible dictionary word, until they get in.
Think carefully about adopting a password manager
Password managers can generate long passwords, and then remember them for you, but remember that they have to store the password somewhere. This means that your ‘master’ password gives access to all of your accounts rather than just one. Password managers have their appeal, but they are not without risks.
Use virtual keyboards for the most sensitive information
If you aren’t quite at the level of requiring endpoint security solutions like promisec.com, you can still use an on-screen keyboard to enter the most sensitive passwords. While keylogger programs can record keystrokes, they cannot record on screen typing.
Keep a robust backup solution
If you don’t back up at all, it is absolutely critical that you start. If you do, make sure you are storing the backups securely. If they are on a cloud service, ensure that the password is extremely strong, the service is reputable, and two-factor authentication is used, if possible. If physical, ensure that backups are stored away from your business to prevent total loss in the case of a fire or similar emergency.