Making your business cyber secure in 2022

When running a business, there are so many things that require your attention. Ensuring that everything runs as smoothly as possible, delivering the best possible service for your customers, and ensuring you do what you can to protect your business from break-ins.

Unfortunately, the criminals of today aren’t just trying to steal physical items from you anymore, but digital items too! Your passwords, account information, customer data, and more are all being targeted by the cybercriminals of today.

According to a government report, in 2021, four in ten businesses (39%), and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Furthermore, businesses are required to take steps to protect their customer’s data under GDPR requirements.

To help you protect your business, and your customers, from cyber threats, follow the tips in this guide.

1. Tools to keep your network secure
2. Keeping customer data safe
3. What to do if customer data is breached?
4. Smartphones, tablets, and other portable devices
5. Business cover for theft, interruption or loss

Tools to keep your network secure – storing passwords / VPN / firewall

Leaving your network unprotected is like leaving your house every day without locking the door; you’re leaving yourself vulnerable to criminals.

Your computer network is one of the main ways through which cybercriminals may try to penetrate your business, so you need to protect it. As a minimum, you should have the following:

Firewall:

A firewall is a security measure used to monitor and filter both the outgoing and incoming traffic on your network. Basic firewalls act as a barrier between public networks and private networks. More complex firewalls can perform other tasks based on security protocols that you can set up. In short, they add an extra layer of protection for both you and your customers.

VPN:

Should you be operating your business through a public internet connection, accessing a public network at any point whilst performing your tasks, or simply want to add further protection, a VPN can be very beneficial.

A VPN is used to encrypt your information and shield your online activity. When you touch something in the real world, you’ll leave a fingerprint. A similar thing happens on the internet, when you visit a website, the fingerprint your leave behind is your IP address. A VPN disguises this so no one – be it a cybercriminal or legitimate organisation – can see what you’re doing online.

If you can’t be found or traced, this makes it harder for cybercriminals to find and target your network.

Password Protection:

Passwords are a very useful tool when it comes to your cyber security. In short, they can help to block access to sensitive information. This is why cybercriminals look to obtain passwords – it’s like getting the keys to your target’s front door.

Implementing password protection on your devices, network, and other aspects of your business is a must. Further steps you can take would be to implement something like a password manager. This is a tool that generates unique passwords for your business that are harder to obtain.

Another measure is to ensure you and your staff don’t save their password on a browser. This may be convenient, but it weakens your security.

Other precautions worth considering are using Domain Name Service (DNS) protection, endpoint protection, Cloud-based security solutions, and email gateway security.

Lastly, discourage your employees from writing your passwords down in a digital format. This can be hacked, and the passwords can be stolen.

Keeping customer data safe

Under the Data Protection Act,  there are certain requirements that you must meet to ensure the safety of your customer’s data. Start by reviewing the data that currently capture and determining what essential pieces of information you need and disregarding that which is unnecessary.

In doing so, you’ll be monitoring a smaller pool of data which will be easier to protect, and deemed less valuable to the outside world.

Next, review where and how you are storing this data, along with who has access to it. Only allow access to those who need it and ensure that your chosen storage solution is as secure as possible. Using some of the tools we mentioned earlier can help with this goal.

Finally, implement a storage limit. This way, after a period of time, you will remove old data from your system. Once data is no longer needed, you can remove it and make room for new information. Ensure that you back up this information on a regular basis.

What to do if customer data is breached?

Unfortunately, despite your best efforts, data breaches are still possible. In the unfortunate event that your business may fall victim to a cyberattack, it’s important that you follow these steps:

1. Assess the source and severity of the breach 

   Most security software will keep a log of incidents, so you can see when these events occur. They will inform you when the breach occurred, its source, and the information that was accessed.This process can be done without this software, but it is incredibly time-consuming.

2. Reinforce your Security 

   After a breach, your system will be more vulnerable. Your next move should be to plug the leak and re-bolster your defences. This way you can limit the damage that may occur during or after a cyber attack.If you have a company or service that provides this for you, they will be able to assist with this.

3. Spread the word
   Next, you need to alert the authorities and the customers affected. Cybercriminals may use the data stolen to target your customers, so the sooner you notify them, the sooner they can protect themselves. This transparency is important for your brand and is a legal requirement.

Smartphones, tablets, and other portable devices

As helpful as these devices can be, they also act as another point through which criminals can access your network. Should you and your staff use this tech in your business, we recommend providing them company items rather than allowing them to use their own. This will allow you to better secure the devices, and monitor them regularly.

Should any of these devices get lost or stolen, ensure that they are locked and tracked. If you are unable to recover the stolen tech, make sure the device is wiped.

Business cover for theft, interruption or loss

Regardless of the nature of your business, it’s highly likely that part of the function of your business will rely on computers. If these devices are stolen or compromised, this may result in paying for replacements or a loss of business.

Having the right insurance, such as computer equipment insurance, will ensure that you are protected and in the event of a problem, you can continue to operate your business. Expand your knowledge of business insurance and learn about the different coverage options available at Brisco Business.

Dean Laming

Dean is a Chartered Insurance Broker with more than 25 years insurance experience. Through various underwriting, operational and management roles, Dean has built up extensive knowledge of how to run a business and is now Managing Director of Brisco Business, part of the wider Henry Seymour Group.

All articles by Dean Laming