Cyber security is a growing concern for South African businesses. PwC’s 2016 Global Economic Crime Survey shows that cyber-crime is South Africa’s second most reported economic crime: 32% of local companies reported an online security breach in the last two years. While 61% of CEOs are concerned about cyber-crime, only 37% of businesses have an incident response plan in place. Most businesses are thus not adequately prepared for a cyber-attack and could suffer irreparable financial losses and reputational damage as a result.
As a small business owner, you’re juggling many balls at once; HR, customer relationships, sales pipeline and budget forecasts to name but a few. If you haven’t already, you need to add cyber-security to your list of priorities now – and protect your company’s valuable information.
Here are three practical tips to help you minimise the risk of data breaches and beef up your internal cyber-security measures.
Add protective layers
Multi-factor authentication may sound like a mouthful but essentially what it does is add an additional layer of protection when logging into your systems. An online username and password is a standard security measure, like a lock and key on a door. Multi-factor authentication is the deadbolt.
Sophisticated cyber-criminals are increasingly able to hack basic login details, but should they gain access to your company or customer passwords, multi-factor authentication will ask them to provide further proof of identity. This could be a unique code sent to a different device or even a fingerprint. If your passwords are compromised, this extra step will reduce the risk of a systems breach and protect both your business’ and customers’ information.
Know where your assets are
Taking stock of your business’ assets refers to more than just your computers, printers and other hardware. You need to keep track of your non-physical assets too, such as personal customer information, organisational strategy and financial data. Having an eye on this at all times is an integral part of your cyber-security efforts.
Not only do you need to know where your most valuable information is stored, you need to understand how it flows in and out of your systems and make doubly sure that there is no way it can leak out unnoticed.
Even if your assets are stored safely, access to them could be compromised. Former employees or ex-customers are often able to access business systems long after they have left. This is a risky oversight that can leave your business wide open to an attack. Keep your assets safe by monitoring who has access to them.
Keep your computer clean
A clean screen is one thing, but what you really need to focus on is your business’ software. Small businesses are notorious for poor computer hygiene and this can hugely compromise their online security. To overcome this, you need to make sure that each and every one of your business’ devices is up-to-date on every level.
With valuable information accessible via a number of different devices, you’ll need good, up-to-date anti-virus software. What’s more, make sure that your employees are not all using the same passwords and are updating them regularly. Don’t assume that your staff understand the risks of cyber-crime, give them proper training that covers data security best practices and how to choose secure passwords and identify phishing scams. If in any doubt, it’s worth having a comprehensive data security policy in place to guide all your business operations.
Although some business owners are nervous about cloud security, moving from desktop software to cloud technology allows you to store and access your business data safely and remotely. Small business owners can also leverage teams of experts who are constantly working to tighten up security within the ecosystem and ship updates. Cloud tech like Software as a Service (SaaS) can be updated automatically and if any data is compromised, it can be recovered from an external source.
An unsecured computer is like leaving your front door open, welcoming the cyber-criminals to walk right in. If you take proper security precautions, keep all your doors double-locked and your staff up-to-speed, your data will stay safer.
By Gary Turner, , MD EMEA, Xero