Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu
Home Blog Cyber Security Tips for Small Businesses

Cyber Security Tips for Small Businesses

According to a UK Government survey, over 31% of small businesses have been affected by cyber attacks in 2019. Although this has dropped from 42% in 2018, cyber attacks are still a problem. The consequences of an attack include loss or corruption of files, and restricted network access.

 

There isn’t one solution for solving cyber security issues, so we advise implementing a layered defense that includes both automating security software and employee training. Below, we explain the essential measures that small businesses can use to reduce the risk and impact of cyber threats.

4 cartoon images of laptop screens with virus error messages, on orange background

Keep your small business cyber safe

1. Use a firewall

Enabling a firewall will shield your network from intruders looking to exploit vulnerabilities. It helps monitor incoming and outgoing network traffic, and blocks any suspicious activity. Your IT team should be able to set up and manage firewalls easily or you can outsource this to an IT management company.

2. Password management software

Using different passwords for different online accounts and changing them regularly is recommended. While most people are aware of this, it isn’t always a high priority. This is where password management software can help. It will allow users to generate different secure passwords for each site they use and auto-populate them when logging in.

3. Employee training

More than 80% of data breaches are caused from employees unknowingly installing malware. Training on identifying cyber scams, including phishing emails is necessary for reducing the risk of a cyber attack.

4. Implement frameworks

Frameworks are a great way to implement structured security measures within your business to address security risks and put preventative actions in place. ISO27001 and Cyber Essentials are recommended examples of best practise frameworks for IT security, depending on your business size and industry.

5. Malware identification

Programs and plugins are widely available to automatically identify potential risks. For example, they scan email attachments for malware and viruses. This software will then remove or isolate the threat to save your network from an attack.

6. Permissions

One essential part of keeping your organisation secure is to only share files with trusted users, who have had the appropriate training. Knowing who has access to what and minimising who can perform administrator actions will reduce the possibility of a threat.

7. Encryption

Encrypted files have a special key that needs to be decoded for them to be read. Sensitive information such as passwords and customer data should be encrypted, this is especially important to prevent a GDPR breach. 

More Cyber Essentials Resources

CertiKit is a provider of document toolkits and has helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the Cyber Essentials scheme, we’ve put together a list of our best free resources including sample documents, blogs and downloadable documents.

Free Cyber Essentials Resources

We’ve helped more than 4000 businesses with their compliance

Testimonials

Compared to competing toolkits, your ISO27001 document structure was very good. The provided "Introduction" of each was useful (I have moved those out of the core documents and into a more comprehensive manual) for the general audience vs security staff. The inclusion of references to 27017 and 27018 were appreciated. You provided more "ISMS-C" oriented artefacts than competitors.

Trusted By Design Inc.
Canada

View all Testimonials

Cookie Control

CertiKit uses cookies to improve your user experience. Some are essential for our website to work, but for others you have a choice over which ones you’re happy for us to use.

Please set the controls below to enable or disable the types of cookies shown.

Nice to have cookies
What are these?

Advertising Cookies
What are these?

Cookie Policy