Ask most people about cybercrime, and they’ll imagine lone genius hackers targeting giant corporations or the US government.
Everyday cybercrime is a lot less glamorous than in TV and Hollywood. It’s more likely to be committed by groups, often connected to organised crime. As for victims of cybercrime, they tend to be less glamorous too.
Cybercrime targeting SMEs has increased in recent years, with big spikes over lockdown. And let’s be clear about the consequences. It’s not just the financial cost, but the reputational cost too. A cyber-attack can ruin an SME.
We’ve written this blog to highlight five major concerns, and to help you address them. So, without further ado …
You could have the latest and greatest cybersecurity services. But if you don’t look after passwords, you’re seriously exposed. Imagine a building with barred windows and hi-tech burglar alarms, with a front door key under the door mat. That’s the sort of risk you’re taking when you let standards slip with password management.
A simple password management service can take the effort out of this. For one thing, it allows you to prompt users to update passwords at regular intervals. We also recommend multi-factor authentication, which makes you much harder to hack without compromising convenience. At BDR, our cybersecurity experts can review all your password policies to help plug any gaps.
The threat of malware
This essentially refers to any software that’s designed to cause some sort of harm. If you’re not careful, you could pick up malware from email attachments, malicious websites, shared networks … the list goes on.
One classic example is ransomware, whereby cybercriminals lock you out of your system. They’ll then demand a ransom in exchange for restoring your access. One high-profile example was the “WannaCry” attack that targeted NHS services in 2017 .
Since you can pick up malware from many sources, it requires a multi-pronged approach. A firewall will secure your network. Anti-spam and anti-virus are also essential. It’s also essential to keep up-to-date with the latest patches and updates. We strongly recommend cloud backups and a disaster recovery strategy. That way, if the worst does happen, you can still work, and your attackers will have less leverage.
It’s hard to overstate the importance of network security. But think of it like this: your network connects to every part of your business, from your customer database to finances. If cybercriminals gain access, they’ve got a back door to everything.
Some businesses, like hotels and cafés, are expected to provide connectivity to customers. Make sure you do this via a guest network, to keep the back-office network separate. This will also improve performance. We also recommend a firewall, which we mentioned in our point about malware.
Phishing is a form of social engineering fraud, usually done over email. Essentially it’s a way of deceiving people into divulging private information, like passwords or bank details, which are then used to mount an attack. While early phishing scams were quite crude, they grow in sophistication all the time. We’ve seen cases of very tech-literate people being tricked. It happens.
The first step is to make sure your team are properly trained in spotting scams. And when we say “team”, that includes directors and senior management. They’re more prominent, and they’re more likely to hold sensitive info. That makes them targets.
Anti-spam is a must here too. We’ve mentioned it briefly already, but it’s worthy of a bit more detail. Quite simply, a good anti-spam filter will continually scan inboxes, and prevent phishing attacks from even reaching you.
Cybersecurity risks of remote working
We’re big advocates of remote working, and in fact we specialise in technology that supports it. Done well, it boosts productivity and staff morale, as well as expanding your recruitment options. But there’s no denying that it opens potential security vulnerabilities.
In the office, you’ve got more control over the fundamentals – devices, updates, your network. Remote workers introduce more variables into that equation. This shouldn’t put you off though. The risks can be managed – you just have to be aware of them.
You can go a long way by following the steps we’ve given here. Remote workers will be much safer if you ensure best practice with software updates, passwords and anti-virus. Cloud storage is also a smart way to keep files safe, instead of risking local storage. Another BDR service we recommend is the virtualisation of desktops. This allows central administration of user devices, which removes concerns about their operating systems. It also allows you to control access if the device is stolen.
BDR’s bespoke approach to cybersecurity
Unfortunately, cybercrime is a permanent threat. Securing your business is a complex undertaking, but a crucial one. This is where we believe that managed IT services really come into their own.
By choosing BDR, you gain access to true expertise. And instead of simply pushing more and more products on our customers, we believe in a consultative approach.
It is also worth mentioning that we are accredited by Cyber Essentials, the government’s cybersecurity scheme. Our package of products and services can also help your business to achieve this status ‘out of the box’.
In our view, the best cybersecurity companies listen before they talk. That’s why we offer cybersecurity audits – it means we can tailor our recommendations to your business. The details make a difference here. Your size, sector, location and working practices will all determine the risks you face.
We make it our business to minimise those risks. That way, you can focus on what you know best: your business. If you want to safeguard your business, just give us a call at 0800 975 3000 or use the live chat feature on our site.