Five cybersecurity quick wins for small businesses

If you’re a small business owner, becoming more secure doesn’t need to mean devoting your whole life to it, or breaking the bank. 

In fact, for just about any small business, there are a few simple steps which can help to keep your most valuable data (think invoices, orders or customer information) safe from the most common cyber threats.

Most cybercriminals are not evil masterminds, so it’s easier than you might think to ensure you’re not the ‘low-hanging fruit’ they tend to prey on. 

Best of all, many of these ‘quick wins’ are either free or very affordable (and some come with other insurances, like keeping hold of your information in the event your office burns down – let’s hope not, though, hey). 

Back up to the cloud

Most of us have used cloud storage at some point, probably to store photos when your phone runs out of memory. And storing data in the cloud definitely makes it into this list of quick wins for small businesses – adding a layer of protection in the event malicious software like ransomware infects your device (which encrypts your files so you can’t access them – please remember never to pay the ransom), as well as keeping important data well out of harm’s way should fire or flood damage hit your office space. Backing up data to the cloud offers extra peace of mind – and it’s easy and cheap to do.

Get accredited

Think of cyber security accreditation, and you might be imagining years of study and intimidating levels of jargon – but you couldn’t be further from the truth. Choose the UK Government’s Cyber Essentials scheme and feel confident that you’ve covered all the basics to protect your livelihood from the majority of the most common threats. Plus, stick the badge on your branding to reassure others you work with (or who you want to work with) that you have your head screwed on when it comes to security. 

Use multi-factor authentication

Nowadays, most of us use two-factor (2FA) or multi-factor authentication (MFA) to bolster protection across most of our online accounts (if you don’t, go and enable it now). However, reports claim many small businesses are missing a trick when it comes to implementing MFA to protect the information they handle for work – just less than half (46%) of small business owners say they’ve enabled it, according to the US-non-profit Cyber Readiness Institute. So in our book, this is definitely an ‘easy win’. MFA is free, easy to use and built into many applications, and makes it harder for criminals to get near confidential, sensitive or personal data.

Think about using a vCISO

For small and medium-sized businesses, it’s often impossible to justify the expense of in-house cybersecurity staff – but that doesn’t mean you have to go without expert help. Just as small or micro businesses might hire in someone to handle a marketing campaign or to create a logo, you can also hire a vCISO (virtual Chief Information Security Officer) – an experienced cyber expert armed with board-level experience, and up-to-date cyber security knowledge and qualifications. Think of it as ‘cybersecurity-as-a-service’. 

Educate your employees

People who are empowered with the right information are your first line of defence against most types of cyber attack. A regular schedule of training (think a couple of hours, not days) can mean the difference between an employee who clicks on a link in a phishing email and one who doesn’t. Set yourself ahead of the pack in light of reports that only 16% of small and micro businesses offer security training and awareness to their teams (source: UK Government).