With innumerable businesses growing their online presence in 2020 and 2021, many operators and entrepreneurs have had a steep learning curve into how to effectively use the technology to their benefit, and are also learning how to protect themselves, their products, and their clients online.
Boost IT are members at Hub Anzac Square, and experts in cybersecurity for businesses of all sizes. We spoke to them about how businesses could make changes to protect themselves against cybersecurity threats.
What are the risks?
The risks involved with cybersecurity are high, not just financially but also from a business reputation standpoint – Australian law requires you to declare if you have been hacked.
Understandably, sending a message to customers telling them their personal information might have fallen into the wrong hands can be catastrophic, and rebuilding trust is incredibly difficult once lost.
Many small business owners don’t know where to start with protecting themselves and assume they need a large budget for cybersecurity. Protection does not have to be complicated or expensive, and there are a number of steps you can implement.
- 62% of small and medium Australian businesses have suffered a cybersecurity breach
- 90% of cybersecurity breaches affect small businesses
- In Australia, $300 million is lost to cybercrime every year
Identifying threats to build the right defence
Currently, the biggest risk to your business involves falling victim to phishing messages.
Phishing involves email scams or SMS’s attempting to retrieve private information – sometimes all they need is for you to click on a link, but they often want to receive payment or learn your account passwords through several elaborate steps.
Identifying and avoiding phishing scams is essential to protect your business.
The other significant threat is weak passwords.
“It takes 5 seconds to hack an 8 lower case letter password with brute force technology. Since most people use the same password over various platforms, many accounts can become compromised in the time it takes to watch a YouTube ad.”
– Richard Cowley (Boost IT manager and technician)
Depending on a single identification method is not safe.
Other threats are the contamination of data and ransomware. While the best measure is prevention, there can be cost barriers to set up a high-tech strongbox around your data.
Phishing warning signs:
- Offers that sound too good to be true
- Messages that create a sense of urgency
- Inconsistencies in font/spelling/logos/images
5 Cybersecurity tips to protect your business
Each of these tips can help provide essential protection for all the situations described above, and they only require common sense, good communication, and strong processes.
Everyone in your business should know the risks and the signs to identify risks. Take the Australian Government’s quiz to check how skilled you are.
- Report threats
If you receive a message impersonating one of your clients or providers, make sure all your employees are on the lookout. You may also want to tell the company being impersonated to act accordingly and check for breaches.
- Have a process
The best way to avoid paying a fictitious bill is to have strong processes in place. Write down a detailed list reminding you to check facts, match invoices, and require phone call confirmations when changes occur.
A daily data backup is essential to make sure you lose nothing in case of data corruption.
- Always set multi-factor authentication
Multi-factor authentication is a great roadblock for nefarious types trying to steal information.
The above solutions can be implemented cheaply and easily at the beginning of your business journey, but only outline the first step. Protecting your data locally and on the cloud with adequate IT is essential.
The Government and Australian Cyber Security Centre recommend an essential strategy of cyber threat mitigation, which should become incorporated into your goals as your business grows. For many businesses working with an expert such as Boost IT can help ensure ongoing protection and help you stay up-to-date with emerging threats and developments.