Is keeping your business secure online one of your resolutions for the New Year?
1 week into 2022, and we’re all looking for things to get us through the colder months.
It’s a time of resolutions, new challenges, and new goals. However, it’s just as important to reflect on what you should continue to work on from 2021.
Did you know that the first half of 2021 saw 94% of malware distributed in phishing emails? With high numbers of people working remotely and online this year, cybersecurity needs to be a central focus for the new year.
To show our ongoing commitment to information security, id have once again been recertified with the ISO 27001 accreditation, proving that cyber security is a key focus for us at id. To qualify, id proved that they could not just prevent but defend against potential data system vulnerabilities. The principles of ISO 27001 are:
- Defining and maintaining a security policy
- Defining the scope of the Information Security Management System
- Conducting a risk assessment
- Managing identified risks
- Selecting control objectives and controls to implement
- Preparing a statement of applicability
The certification involves 114 specific security measures, which you can read more about on the QMS website here.
To celebrate our reaccreditation, we’re helping you to keep your business secure online in 2022 with these top 10 tips.
Top 10 tips for keeping your business secure online
Use passphrases rather than passwords
Predictable passwords are the easiest way for hackers to gain access to important files and information. Even worse, reusing passwords can give hackers extensive access to your details in a matter of minutes. Instead of a password, use multiple words to form a passphrase. Passphrases are a much more secure mechanism than passwords. If remembering passwords, let alone passphrases, is a struggle for you, our next tip will help.
Utilise secure passphrase/password sharing software
Keeping track of passphrases/passwords is a nightmare. Numerous accounts, as well as both personal and work logins, can involve many notes, spreadsheets, and email password reminders. Tools like LastPass allow you to securely store all of your passphrases/passwords in one place. Even better, you can share login details to give access to accounts without exchanging the password itself. It’s also extremely useful for remembering login details, and it auto-fills your email and passphrase/password for you – secure and useful!
Install Anti-Virus and Firewall Software
Whilst standard devices come automatically installed with Anti-Virus software, this is rarely enough to keep your business secure online. Firewalls are a more robust method of protection as they act as a gatekeeper between your computer and the internet. Firewalls form a first line of defence, and we recommend outsourcing your cyber security through an IT provider to ensure the highest levels of protection.
As part of our ISO 27001 certification, id ensures we meet the highest level of cyber security internally and for our clients. Our Mercury Intranet solution boasts the highest levels of online security as part of its collaborative platform. If a secure digital transformation is part of your 2022 plan,
Update physical servers regularly
Security updates are a key focus for securing a company’s hardware. Sites without the latest software aren’t protected against the latest vulnerabilities. These sites are most likely to be targeted by hackers. You should download the latest version of your server’s security software as soon as possible and protect yourself and your business from a security attack.
Store sensitive data in a private managed cloud account
Making use of a managed private cloud account allows you to store sensitive data in a digital account as a backup. Meanwhile, employees are granted access to this information and data when needed. Passwords are required for access, and data is encrypted, providing multiple layers of security for your business.
Limit access to files for former employees and partners
It is essential that you keep on top of who has access to information within your business. Utilising a cloud system makes it easy to disconnect former employees. If you share information over email or other methods, it is important that you invalidate the computer access of people no longer working in your business to prevent misuse of information. A simple system for this is requiring passwords for access, which you can then change as your team and any partners or vendors move on.
Ensure financial transactions are encrypted
This is only relevant to organisations that carry out transactions online. It is a requirement of Credit Card companies that suppliers protect customer data. Keeping your business secure online also includes keeping people who interact with your business online secure. You, or an outsourced IT company, can install encryption software, or you can make use of established payment processing companies, such as PayPal.
Make use of a VPN (Virtual Private Network)
All wireless networks are vulnerable to attacks, and with the increase in remote working, it is now more of a risk than ever as employees are spread across the world and utilising numerous networks. VPNs encrypt your data, and effectively hide your online footprint. This means you can safely exchange information on whichever Wi-Fi network you or your employees are using.
Backup your important data
No matter what size your business is, it is essential that all your important data is backed up so that your business can continue to run following the impact of a flood, fire, physical damage or theft. Moreover, it allows you to respond and recover quickly should you be subject to a cybersecurity attack.
Your website data, CRM/email list and other essential data and documents can easily be downloaded as a CSV from the platform, or stored as files on a hard drive that should only be available to authorised personnel. You can also make use of cloud storage, meaning your data is kept physically separate from your computer.
Use two factor authentication where possible
The final, and arguably the easiest, tip to increase your business security is to utilise two factor authentication. Your website, email and document access can easily be set up to require two factor authentication, making it increasingly difficult for hackers to access your data and business information.
Cyber Security should be at the forefront of any business’s plans for 2022, and if keeping your business secure online isn’t something you feel confident in achieving this year,
If you would like to check the validity of our ISO 27001 certification (Certificate Number 288302018) or find out more about the ISO 27001 principles we follow, then please get in touch today as we would be delighted to speak with you.