Hands up. Do you use P-A-S-S-W-O-R-D as your password, delay software updates, or fall for phishing scams? These cyber security tips can help your business.
The internet has created a new world of business opportunity. You can sell to more people, communicate more efficiently and get paid faster.
These new opportunities go hand-in-hand with new risks. If a hacker breaches your business’s systems, you can lose money, customer data and suffer a blow to your reputation.
But protecting yourself online is easy, much like clicking on a seatbelt when getting into a car.
By taking just the few key steps outlined here, you can guard against cyber incidents – and reduce the impact if any do sneak through.
Research by Connect Smart (external link) shows eight in 10 New Zealanders have experienced a cyber attack, such as email hacks, computer viruses or misuse of credit card details.
Most software providers – particularly for your operating system – provide regular updates to guard against the latest hacks and bugs. It’s easy to ignore or put off these updates, but it’s time well spent to keep your systems safe. So next time you see an update notification, click “yes” and go make yourself a cup of tea.
Cyber criminals don’t just try to crack your passwords – they try to trick you into revealing them yourself. The most common method is known as phishing. An email will arrive, seemingly from a legitimate source such as a bank, asking you to log into your account. If you do so, you’ve given the scammers your password and/or user name.
Maintain a healthy scepticism. Banks never ask for your password, in person or by email. Check the authenticity of unexpected emails, or emails promising something that seems too good to be true. If it asks you to click on a link to log in to “your account”, does the URL match that of the organisation’s official website? While you’re on the official website, check for warnings that scammers have been targeting customers.
Look at your systems with a critical eye. For each one, ask yourself if you’re making it easy for an unauthorised person to gain access.
Avoid using the same password for multiple systems, and don’t assign staff the same password. If you use a generic email account (eg firstname.lastname@example.org) to access admin functions, limit the number of people who can log in.
These create regularity, making it easier to spot and fix any breaches. For example, if you assign one person to be the designated password-holder for a specific system, and another person the password-holder for another system, you’ll know straight away who to contact to check if any unusual activity is a breach.
Another tip is to set specific times for tasks such as depositing money or making batch payments. This will make it easy to spot suspect transactions.
Once you’ve identified and managed the risks involved, you’re free to make the most of the opportunities the digital world has to offer savvy businesses.
Connect Smart is a partnership of more than 100 organisations from across government and industry committed to lifting New Zealand’s cyber security. Connect Smart Week runs from 22 to 26 June, and focuses on making cyber security simple for small businesses.
For tips, download the SME toolkit (external link) from Connect Smart.