When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.
According to a UK Government survey, over 31% of small businesses have been affected by cyber attacks in 2019. Although this has dropped from 42% in 2018, cyber attacks are still a problem. The consequences of an attack include loss or corruption of files, and restricted network access.
There isn’t one solution for solving cyber security issues, so we advise implementing a layered defense that includes both automating security software and employee training. Below, we explain the essential measures that small businesses can use to reduce the risk and impact of cyber threats.
Enabling a firewall will shield your network from intruders looking to exploit vulnerabilities. It helps monitor incoming and outgoing network traffic, and blocks any suspicious activity. Your IT team should be able to set up and manage firewalls easily or you can outsource this to an IT management company.
Using different passwords for different online accounts and changing them regularly is recommended. While most people are aware of this, it isn’t always a high priority. This is where password management software can help. It will allow users to generate different secure passwords for each site they use and auto-populate them when logging in.
More than 80% of data breaches are caused from employees unknowingly installing malware. Training on identifying cyber scams, including phishing emails is necessary for reducing the risk of a cyber attack.
Frameworks are a great way to implement structured security measures within your business to address security risks and put preventative actions in place. ISO27001 and Cyber Essentials are recommended examples of best practise frameworks for IT security, depending on your business size and industry.
Programs and plugins are widely available to automatically identify potential risks. For example, they scan email attachments for malware and viruses. This software will then remove or isolate the threat to save your network from an attack.
One essential part of keeping your organisation secure is to only share files with trusted users, who have had the appropriate training. Knowing who has access to what and minimising who can perform administrator actions will reduce the possibility of a threat.
Encrypted files have a special key that needs to be decoded for them to be read. Sensitive information such as passwords and customer data should be encrypted, this is especially important to prevent a GDPR breach.
CertiKit is a provider of document toolkits and has helped more than 4000 organizations worldwide with their compliance.
For more guidance on implementing the Cyber Essentials scheme, we’ve put together a list of our best free resources including sample documents, blogs and downloadable documents.