Whilst many of us see the festive period as a time to relax and put our feet up, cybercriminals see it as an opportunity to slip under the radar and launch an attack at a time when victims are caught off guard.
Online security doesn’t need to be complicated or stressful, following some simple steps can be the difference in you falling victim to a cyber-attack. To help you, we have produced a simple checklist of 8 things you should do to secure your business before you leave the office for the holidays.
1. Identify your most valuable assets in a cyber security risk assessment
Cyber and online security should fall into your security risk assessment, and it should identify information assets that could be affected by a cyber-attack (such as hardware, systems, devices, customer data, intellectual property, social media accounts etc).
2. Do you need to promote your business as unoccupied?
If you were leaving your home unoccupied to go on holiday, you wouldn’t post this on social media or announce it in an email to your whole organisation – so why would you treat your business holiday any differently?
3. Make sure you have a Cyber Incident Response Plan - so you're prepared should an attack occur
A cyber security incident response plan provides a process that will help your business, charity or third-sector organisation to prepare for, respond and recover from cyber incidents. Download yours here.
Our plan also features contributions from law firm Irwin Mitchell, their guidance ensures businesses are aware of the key commercial and legal implications of a cyber incident.
4. Install anti-virus software and don't forget to check it’s working!
Cyber threats are constantly changing and adapting to break down our defences, so installing anti-virus software has never been more important. Antivirus software creates a barrier against malware, which is malicious software or viruses designed to cause havoc on your devices.
5. Create strong passwords and take advantage of a password manager
If you’re using the same one for multiple accounts, the best practice is to change them using three random words and a password manager will help you remember them all.
6. Is Multi-factor authentication turned on?
Multi-factor authentication, (also known as two-step verification), will ask you for multiple verification factors before access can be gained to your online accounts. Often the verification factor might be a one-time password where you are asked to enter a 4-digit code that you receive via SMS, email or through an authenticator app.
Multi-factor authentication provides you with greater assurance that the access request is genuine, which reduces the risk of unauthorised access to your accounts.
7. When did you last backup and update your data?
Take regular backups of your important data and test if they can be restored. This will reduce the inconvenience of any data loss from theft, fire, or other physical damage or ransomware.
Also, be sure to keep your devices and software updated. Software vulnerabilities are security holes that offer an easy way for cybercriminals to infect your systems.
8. Become a member of The North West Cyber Resilience Centre
Daily, businesses of all sizes in the UK are being targeted by cyber-attacks. Our FREE membership is easy to follow, quick to action and highly effective in helping your business and your supply chain to become more resilient to online crime.