Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Best Practices for Computer Security within Small Businesses

Best Practices for Computer Security within Small Businesses

Computer security has never been a hotter issue than it is today. Data breaches, cryptolockers, malware, phishing – as more and more of our lives and businesses go digital, the more we expose ourselves to sneaky hackers looking to take advantage of us.

As a small business owner it’s easy to let computer security slip as a priority. You’ve got so many other things to do besides fiddle around with some computer stuff. She’ll be right, mate! Right? Well, not really.

Anthony Hill, Head of Technology at Geeks2U says that ignoring computer security could lead to a “worst case scenario where there’s a total loss of your business as data like customer info and orders are deleted, customer data is leaked online resulting in a privacy breach and proprietary company information getting out to competitors”. The consequences of ignoring computer security can be catastrophic.

Backups, backups, backups

Backups are Anthony Hill’s top recommendation for small business computer security. “Make sure you have regular backups, because regardless of how good your internet security software is, it’s not perfect.

With a proper backup regime, you can restore any damaged or stolen data quickly”. Regular backups have proven to be the best way to counter popular ransomware attacks. Instead of paying the ransom to restore your data, simply restore from your backups.

The 3-2-1 rule of backups is a mantra anybody serious about computer security should become familiar with. 3 copies of your data, on 2 different devices or mediums and 1 copy offsite. The easiest way to achieve this is to invest in Network Attached Storage and cloud backup (for example Backblaze or Carbonite). Backups should also be as automated as possible to avoid human error.

Keep software updated

Computer security researchers are constantly poking around popular software packages to find flaws that allow hackers to access your computer. Most software vendors keep on top of these security vulnerabilities and release updates to fix them. Hackers take advantage of known vulnerabilities that have been fixed, but prey on users that are yet to update. Thwart the hackers by keeping your software patched.

Unfortunately, software vendors do end support for their products eventually. Versions of macOS three releases prior to the current version and Windows versions prior to Windows 8 no longer receive regular security updates. If you’re still using those older operating systems, it’s time to upgrade or face the computer security consequences.

Upgrade from basic anti-virus

The built-in free anti-virus software that comes with Windows is fine, but if you’re running a small business and have multiple computers to look after (such as those used by employees), it’s worth investigating a centrally managed internet security platform.

Internet security platforms include not just a basic firewall and anti-virus, but the ability to whitelist software, filter internet access, push out forced regular updates and even monitor what employees are doing on company owned devices – all from a single control panel. Having all these features centrally managed ensures all devices are protected and easy to manage, as opposed to trying to wrangle multiple individually owned devices manually.

Cyber security tips for employees

According to Anthony Hill, “the vast majority of data breaches start with staff”, so it’s vital your employees are trained and vigilant. Your small business computer security is only as good as its weakest link!

Introduce a strong password policy (more than 12 characters, no dictionary words, special characters) and provide password manager software to securely store them in. For an additional layer of security, multi-factor authentication tokens such as a Yubikey can be set up for access to important accounts. Using a multi-factor authentication token means any potential hacker needs not only a password, but also a physical token to gain access. This makes it much, much more difficult for unauthorised access.

Institute training to recognise phishing scams. These are emails designed to look like messaging from a bank, a customer, supplier or a fellow employee, but are actually designed to scam your business out of money or access to your computer network. A good way to check if a risky looking email is legit is to pick up the phone and call whoever it is making the request using a publicly available phone number.

Don’t use public wi-fi. Public hotspots can easily be set up as honeypots for hackers to steal information sent wirelessly. Even on legitimate hotspots, hackers can sniff the data going through the hotspot, even if it’s encrypted. The best way to avoid this problem is to provide staff with a mobile broadband device. This way they’ll have internet access everywhere they go, without needing to use risky public wi-fi. If you absolutely must use public wi-fi, at least use a VPN with strong encryption so all communications are secure.

Share

Recent News

Apple recently released the latest in its long running line of MacBook Pro laptops. While Apple has somewhat muddied the water around what it means by “Pro” with the release of the Apple iPhone 11 Pro and Apple iPhone 11 Pro Max phones, in the laptop space, they’re very definitely meant for folks who need… More 

Social Media can have profound effects – for good or bad – on the lives of many people, but what do you if your name is, say, Roger Smith or something equally common and you want to make yourself easily locatable on the biggest social media platforms? The chances are that another Roger Smith has… More 

Google is a company most closely related to search and search-based products, which is why it’s nearly always teetering on the edge of becoming a verb in its own right. Plenty of folk don’t even think of it as “searching” — they simply “Google” their queries day in, day out. Search isn’t all that Google… More 

This week we’ll see the local Australian launch of Disney+, the latest in a very long line of streaming subscription services. While there’s still clearly a place in Australian homes for free to air television (at least for live events such as sports), it’s also clear that on-demand streaming services delivered over a home broadband… More