Cyber Security Tips
Below are some tips for making you and your business safer and more secure when it comes to cyber security.
Set long and complex passwords, these days your passwords should at the very least be 8 characters in length, include special characters, number and upper-case and lower case letters.
Ensure you change the passwords for the accounts you regularly use.
Don’t use same password for different sites/ logins.
Use a password management program for lots of passwords if you are struggling to remember them all. Good examples include LastPass for cloud storage and KeePass for locally stored passwords.
Two Factor Authentication
Setup two factor authentication on important accounts. This provides an extra layer of defence against attacks by ensuring you need a separate form of authetication (usually a phone app request or email). If for some reason your email password gets hacked you’ve still got the last line of defence of denying the login requests from your phone or other email account. Almost all email providers and banks have two factor authentication as standard and you should expect that feature when signing up.
Insecure Sites & WiFi
Be careful connecting to insecure sites, for example does it have the lock symbol in the left-hand side of the address bar (see below)? If not make sure you know the site otherwise it could be harmful.
Also, be wary of open WiFi networks (e.g. free McDonalds WiFi). Free public networks are quite easy for hackers to take advantage of as these often have little to no security. If you do need to use them, make sure to forget the network by going into your settings and removing the connection once you are finished so your phone doesn’t automatically connect again when it’s in range.
Whether you employ staff or not it is worthwhile investing time into making yourself and those around more you educated on scam threats. Suspicious email requests and phone calls are particularly common so being aware of the common ‘tells’ as this makes a lot of difference in guarding yourself and business.
You can check out the below government links to keep abreast of the latest scams;
Policies and Procedures
Update policies & procedures to have a set process for changing key data (such as bank account payments). This is particularly key against scam emails and phone calls that attempt to make you act irrationally in panic by stating “You’ve been hacked! click here to change your bank details”.
A good plan is to have multiple people to go through when changing details, this way if one person doesn’t pick up on the scam the next person does. Also confirming whether these scams are legitimate by contacting the alleged sender and verbally confirming the change (e.g. calling the NAB if the email appears to have been sent as coming from them).
Ensure you are running some form of backup for your company data. Your backup strategy will vary depending on the size of your company and the type of data being backed up. The more sensitive the data the more often it should be backed up, smaller businesses may only need to backup once a week whereas larger organisations should be backing up daily. All businesses should ensure they are taking offsite backups, and test their backups every 6-12 months to ensure they are in working order.