'Every business, regardless of size, is vulnerable to a cyber attack. However, it is the responsibility of the business to educate their employees on best practices and ensure that they are fully prepared when challenged with a cyber security threat' – this is one of System Force IT's most repeated statements.
And SoGlos has teamed up with its tech experts to create a handy hot list of the top 10 signs that your business could be vulnerable to an attack.
From easy-to-guess passwords to unsecured wifi networks, use this list to double check your systems and day-to-day practices and make sure you're doing everything you can to keep your business safe.
You're still using outdated software
It's easy to keep moving with the same software, especially when you finally find one that works for your business needs!
But if your computers are running old versions of Windows or other programs, they may no longer receive security updates. Hackers actively look for these 'unlocked doors' to break in – so it's paramount to stay on top of new patches as they're released.
Weak or reused passwords
Remembering tonnes of different passwords is a tough ask, but if staff members are using short, simple passwords like '1234' or the same password for everything, it’s like leaving your office key under the doormat.
Cyber criminals can guess or steal these easily and leave businesses at the mercy of attacks, so make sure to use complex character combinations, update them every so often and store them securely to make sure they don't get forgotten.
No regular data backups
If you don’t back-up important files, such as customer details, invoices or project work, you risk losing everything in a ransomware attack – these types of attacks involve criminals gaining access to your network, lock your files or take copies of data and demanding money to unlock them, sometimes threatening to leak sensitive data, too.
If this does happen, the UK National Cyber Security Centre advises not paying ransom demands as there's no guarantee of a reconnection to data or systems; the computer will still be infected; and the risk of future attacks rises. This is why recent offline backups are a must-have.
Staff haven't had cyber training
Employees are often the first line of defence when it comes to cyber security.
Without basic training that helps employees understand the risks that come with using the internet while at work and equips them with the knowledge to spot suspicious emails and links or dodgy phone calls – or else your team may unknowingly let hackers in.
System Force IT recommends achieving the government-backed UK Cyber Essentials certification, which you can access here: systemforce.co.uk/cyber-essentials.
Old or unsupported devices are still in use
That dusty old computer in the corner or the unpatched smartphone in your pocket? They could be easy entry points for attackers if they're still connected to your network.
Outdated technology lacks necessary updates and patches that are implemented to protect against threats, so despite the costs that may incur when buying new tech, the cost of security breaches could be far greater.
No clear process for software updates
Pesky update notifications can get annoying, but ignoring them can lead to catastrophe – cyber criminals love businesses that 'forget to patch'.
If no one is responsible for installing updates on computers, phones and servers – and also monitoring other team members to make sure they also keep up with updates – chances are you’re missing important security fixes.
Unsecured wifi networks
The rise in free, public wifi availability is super helpful for professionals and businesses that work remotely, but hackers can easily snoop on internet traffic as these networks don't offer built-in protection – offices using wifi without a strong password are also at risk.
Hackers can sit between you and the connection point, so instead of the computer communicating directly to the hotspot or wifi box, the information is going straight to the hacker, who can then access important emails and credit card information, or plant malware in your system.
No antivirus or firewall protection
Antivirus software and firewalls are like security guards for your computers, without them, attackers can slip in unnoticed.
This leaves your systems vulnerable to a number of threats, such as malware, data theft and offering open access to all – including cyber criminals.
Some antivirus programs available include Norton™, McAfee and Bitdefender™.
Sensitive data is stored carelessly
If customer information, bank details or HR files are stored unencrypted, shared via email or kept on USB sticks, they could be stolen or leaked far too easily.
This sensitive data should be kept on encrypted hard drive, with multi-factor authentication and robust backups, such as encrypted cloud storage – and not accessed on public wifi.
You think 'it won't happen to us'
Perhaps the biggest risk of all is believing your business is too small or unimportant to be attacked.
The past year has given businesses a glimpse into the potential threats and losses that can happen, with large corporations suffering major attacks in the UK and beyond.
But it's not just the big businesses who are hit hard, cyber criminals often target smaller businesses precisely because they expect you won’t be prepared.
