Increasing levels of sanctions on Russia are leading to an increased threat of cyber attack, warns online payment specialist Takepayments Ltd.
Amongst firms surveyed by the company fears are greatest amongst businesses in engineering, manufacturing, and the law, which has prompted the company to ask James Bore, Director of Bores Security Group, to provide tips in staying safe online.
1. Backup. Back up everything in at least some form separately from your business devices, and test the backups. Nowadays, if you’re using good cloud storage services, they can provide a high level of availability, screening for any known malware, and online storage that business owners can access from anywhere they need for a low cost rather than having to invest in expensive backup hardware. Given the cost of good cloud storage these days, business owners can either identify the most important things to backup or in most cases just ensure absolutely everything data-related is replicated online.
2. Be aware of malware. Malware is any malicious software. There are various different kinds, including viruses, and just like human viruses, no protection will be perfect. Protecting your business from malware is about hygiene – business owners should make sure that their antivirus or antimalware software is installed and turned on (there are good, free options as well as commercial ones, but do your research), make sure staff are not downloading and installing anything dodgy, do regular patching or turn on automatic updates, set up firewalls on machines, and try to avoid using USB sticks or memory cards – with cloud storage these should be largely unnecessary anyway.
3. The hygiene extends to phones and tablets as well. Turning on password protection, using some of the tools business owners are most likely already paying for to make sure devices that go missing can be found, or wiped, keeping everything up to date, and if they use public wifi assume everything they’re doing is visible to someone so don’t do anything sensitive.
4. A few words about passwords. If business owners have the option, secure passphrases (a collection of random words strung together or written in a sentence) are much more secure and easier to remember than a scrabble of letters and symbols. Business owners should also, for anything sensitive, use two-factor authentication – Google and Microsoft provide their own free Authenticator apps, and another good one is Authy – with an app installed on their phone or tablet.
5. Don’t get hooked. The vast majority of attacks happen because of malicious emails, commonly known as phishing emails. There are lots of lists of tips about how to avoid them, many of which are highly technical, but as a very basic piece of advice I usually say that if any message (email or voice) is asking a business owner to do anything out of the ordinary, or causing any sort of emotional response (excitement, fear, etc) then take a few seconds to verify it. To do this do not use any of the contact details provided in the e-mail, instead use a phone number they know to be right, a live chat page on a website, or any other method they know to be safe to confirm that the e-mail is genuine.
Sandra Rowley at Takepayments Ltd said: “Cyber security should ultimately be taken as seriously to a business owner as taking out business and liability insurance. More than one in five small business owners created a website for their business during the pandemic according to our recent report, and cyber security should come as a top priority for any business looking to move online. Unfortunately, as further sanctions are implemented towards Russia, the threat of cyber security attack’s could increase so now is more important than ever for businesses to implement as many cyber security measures as they can to ensure their business is protected as much as possible.”