Tips on protecting your business from cyber security breaches
Back in March 2015, the Government published a guide to cyber security for small businesses. It is worth a read...
There are huge benefits in using information technology (IT) in your business – but there are also huge risks. Most businesses rely on their computer software and hardware to varying degrees: for example, to research products, to store personal information about employees and clients, to keep purchasing, ordering and accounting records or to engage with clients and contacts through social media.
Using IT without any security safeguards can put your business at risk from thieves who want to steal your business information and money or simply disrupt your business. The consequences of an IT security breach can be far reaching for your business and could, for example, cause:
- direct financial loss such as money being taken from your business bank account;
- disruption which could lead to other losses such as an inability to trade because your IT systems are out of action;
- damage to your reputation say, for example, the disruption affects your social media output;
- the loss or compromise of personal data which in itself could lead to fines; and
- damaged business relationships.
What can you do to protect your business?
The Government explains in its guide that security measures need not be complicated. Introducing a few simple procedures into your business practice can make all the difference. Here are a few examples from the guide – you can read the full guidance here. www.gov.uk/government/uploads/system/uploads/attachment_data/file/412017/BIS-15-147-small-businesses-cyber-guide-March-2015.pdf
Include security measures in your day-to-day safe practice
- Download software updates.
- Use strong passwords and change them regularly.
- Train your employees to recognise suspicious emails – and delete them. Do not click on any links within such emails.
- Take advantage of free government training www.nationalarchives.gov.uk/sme/.
- Provide training on social media usage to your employees.
- Use anti-virus software.
- Check that third parties you deal with during the course of your business have security measures in place too.
- Ensure employees look after and store carefully hardware on which important/sensitive information is stored. (For example, don’t leave mobile phones and laptops unsecured.)
Set up a system to manage your risks
- Make sure you know and understand the specific risks to your business. These can be external threats (like online attacks from thieves or business competitors) or internal – such as careless employees revealing confidential information or ex-employees stealing or misusing your business information.
- Show your clients and customers that you are serious about protecting your business, client confidentiality and personal information. Visit www.cyberaware.gov.uk/cyberessentials/, complete the questionnaire and work towards achieving the Cyber Essentials badge.
- You can also download the Government’s free documents here: www.cyberaware.gov.uk/cyberessentials/docs.html
Protect your business from cyber threats online
- Review your business risks. What legal and other requirements is your business subject to?
- Identify the weaknesses in your security systems. Plan for how to protect your business, its interests, assets and information on an ongoing basis.
- Put security systems into place, train your staff on them and create a “disaster” plan to deal with cyber security attacks.
- Make sure all your staff know what to do in the event of a cyber security or “data” breach.
- Review your anti cyber security systems and “disaster plan” regularly.
ContactSubscribe to our newsletter
Please note that the information and opinions contained in this article are not intended to be comprehensive, nor to provide legal advice. No responsibility for its accuracy or correctness is assumed by Pearson Solicitors and Financial Advisers Ltd or any of its members or employees. Professional legal advice should be obtained before taking, or refraining from taking, any action as a result of this article.
This blog was posted some time ago and its contents may now be out of date. For the latest legal position relating to these issues, get in touch with the author - or make an enquiry now.