Menu
Top 15 tips for Kiwi SMBs to boost cybersecurity practices

Top 15 tips for Kiwi SMBs to boost cybersecurity practices

What can SMBs do to reduce the risks of attack and the damage such attacks may cause?

The need to protect computers, programs, networks and data from attack, damage, theft or unauthorised access is not restricted to governments and large businesses.

With governments and large businesses spending considerable sums of money protecting their systems, criminals are turning their attention to softer targets like small businesses.

According to CPA Australia, one of the world's largest accounting bodies, across the Tasman in New Zealand, cybersecurity is therefore a real issue for small business.

For most, it is not a matter of if you will be attacked but that you have already been attacked or will be attacked.

The question therefore is - taking into account that client data may be the primary target of such attacks - what can you do to reduce the risks of attack and the damage such attacks may cause?

There is no one single action you can take that is going to protect you from cyber attacks. The following lists some of the actions you should consider to improve your cybersecurity:

Know your business

It is important to be fully informed as to how all aspects of computing services your business uses are provided and protected.

For a small business today, there have never been so many services and applications that can be accessed via the internet or cloud, and can be used in the office or on a mobile device.

There is usually little or no opportunity to vary the terms of use of these services. You should consider how your business would operate if that service was unavailable for a period of time, how easily you can move your information to another provider and how your provider is protecting your information from data loss.

Cybersecurity starts and ends with you and your staff

You can invest considerable sums of money on systems and hardware to protect your network only to find a simple error or an inadvertent sharing of passwords by a staff member can allow a criminal to circumvent all those protections.

You must therefore establish and enforce basic security policies, and train staff so that they are aware of secure behaviour, and have a reasonable idea of when someone may be inappropriately seeking confidential information from them.

This could be via an email (known as phishing), over the phone (known as vishing) or even via text message (sometimes called smishing).

You should give one staff member responsibility for regularly communicating and training you and your staff on cybersecurity issues.

Keep your software up to date

Have anti-virus software and make sure it, your web browser and operating systems are up to date. Set anti-virus software to run a scan after each update.

Enable automatic updates of such software and prevent employees from disabling these updates. Use application ‘whitelisting’ to help prevent malicious software and unapproved programs from running.

Have a firewall

Make sure your operating system’s firewall is enabled and prevent staff from disabling it. If employees (or others who have access to your system) work remotely, ensure their systems are protected by an appropriate firewall and that it is up to date.

Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office and operating system vulnerabilities.

Identify your assets that may be vulnerable to attack

Do a stocktake of what assets you have that could be vulnerable to attack so you know what you need to protect and prioritise risks. Assets include physical and virtual such as intellectual property.

Do regular backups

Regular back-ups that are stored at a secure offsite location or in the cloud should allow you to get your business up and running very quickly after an attack.

Fully test whether those backups work on a regular basis. If you use a cloud backup service and you are storing sensitive client information, you should encrypt the back-ups beforehand.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags SMBscyber security

Brand Post

Featured

Slideshows

Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments