10 tips for keeping your business safe online

The government has identified ‘Ten Steps to Cyber Security’, which are essential for any business looking to protect itself online.

There are plenty of simple and straightforward steps that companies can take to keep themselves safe in the digital world. As accompaniment to the support offered in their Cyber Essentials programme, the Government advises you to take action in the following key areas:

1.    Network Security

It’s important to be aware of what’s on your network and to see that your hardware and software are properly configured. Make sure you act upon notices and warnings.

2.    User Education and Awareness

Make sure you have a proper policy in place for using IT and that your staff members are told about it at induction. It’s also important to remind employees of good security practices on a regular basis.

3.    Management of User Privileges

It’s critical to manage access to IT through a combination of user names and good, strong passwords. Remember not to write them down or share them and only give users access to what they need.

4.    Security Configuration

This is about keeping your IT updated with relevant firmware and patches. Make sure to document your IT assets.

5.    Removable Media Controls

This refers to devices such as USB sticks, SD cards and CDs. Make sure it’s safe to bring them on to your network. It may well be that using the cloud is preferable.

6.    Home and Mobile Working

With more people working at home, you need to have a proper policy in place and install relevant passwords and authentication software. People are likely to be using mobile devices too, so make sure they’re not walking around with unsecured corporate emails.

7.    Malware Protection

Make sure that you keep your anti-malware software up to date through one of the mainstream suppliers. It will scan and sweep on a regular basis, helping to protect you from threats.

8.    Risk Management

Create a board of people who are responsible for risk within your business and ensure that they oversee the development of effective policies.

9.    Monitoring

Keep track of your hardware and software and look out for unusual activities.

10. Incident Management and Business Continuity

It’s important to have an incident management team which is capable of dealing with any attack and acting upon it.

For more information, please visit:

https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility/10-steps-summary

Kieran Paton
ICT Network Administrator