Cyber Security Strategies to Protect your Small Business


Filed under: , small business , cyber security strategy

If you have to choose one cyber security strategy to get right in the new year, our advice would be to focus on protecting your data.


If you have to choose one cyber security strategy to get right in the new year, our advice would be to focus on protecting your data.

Five common cyber security mistakes made by small businesses

Cyber security isn’t just a large business issue. Whilst targeting governments and large businesses can be highly lucrative, they’re also exceptionally difficult to compromise successfully.

Cybercriminals actively target small businesses with phishing and ransomware because they’re opportunists. Smaller organisations are usually less equipped to protect against a cyber threat, and from a cybercriminal’s perspective, less equipped means a greater likelihood of success.

According to a recent survey run by the Australian Cyber Security Centre, almost 50% of small businesses in Australia spent less than \$500 per year on their cyber security requirements. For years, there has been a common misconception by small business owners that they’re safe because they have anti-virus in place. Yet over 50% of cyber-attacks do not use viruses to infiltrate their targets, instead relying on vulnerabilities within email systems and un-informed employees to get access to your most valuable commodity – data.

Small businesses handle a lot of Personally Identifiable Data (PII), or personal information that can be used to identify a specific individual. That data can be personal details such as address and date of birth, customer credit card or bank details, even insurance policy numbers. All of this data is highly valuable to cyber criminals who can use it for monetary gain, whilst damaging your business. And whilst technology makes it easy for us to transact digitally via email or payment systems, it also enables a greater risk of being compromised.

To cybercriminals, the information you collect from your customers equals dollars. Small businesses need strict rules and compliance around moving PII out of email systems and into secure storage, whilst implementing multi-factor authentication and access control to protect valuable data.

By doing so you are sure that any PII you handle is stored securely and can only be accessed by the right people, therefore minimising your risk of a data breach if you are unfortunate enough to be targeted.

Other simple ways to be cyber smart in 2021

Taking small steps to improve cyber security doesn’t need to be expensive or complicated. There are other easy methods small businesses can adopt to improve their security effectiveness quickly and easily.

Establish cloud backup practices

Many businesses have adopted either Microsoft 365 or Google’s G Suite/Workplace as their email and collaboration tool. The great news is that both these platforms come with embedded cloud backup software that is quick and easy to deploy. Microsoft’s OneDrive or Google’s Backup & Sync allow you to backup your data to the cloud automatically and continuously.

Educate staff on cyber scams and threats

Cyber scams and threats don’t rely on sophisticated technology but social manipulation techniques. By investing time and efforts in educating your staff about the types of behaviours and red-flags to look out for (e.g. out-of-cycle invoices and payments, suspicious email attachments, or intrusive emails or calls) you can reduce the likelihood of falling victim to a scam.

Invest in VPN and cloud security controls

The traditional way of connecting remotely to the office was through a “virtual private network” or VPN. With the shift to remote working becoming the norm, as well as uncertain working conditions due the global pandemic, we’ve seen an increase in the adoption of cloud security controls. Some of these controls are very easy to implement, which allow you to not only keep your Internet activity private, but also allows you to exchange information securely. Some examples of this include using secure DNS providers like Cisco’s Umbrella or CloudFlare’s 1.1.1.1 services.

We’re here to help

We know that small businesses without dedicated IT resource, or who are simply stretched for time, can find the topic of cyber security to be overwhelming and too hard. We’re here to help. Contact us at [email protected] and we’ll be glad to help you navigate the simple steps you can take to be cyber safe!