Home How We Help Be more efficient Work Smarter Are you making these cyber security mistakes?

Work Smarter

Are you making these cyber security mistakes?

As cybercriminals use more sophisticated methods to target businesses, did you know that as a business owner there are some simple ways you can reclaim the power?

By Jenny Dikranian Content Writer, My Business

By ramping up your knowledge on how you and your employees can become cyber safe, you can all collectively make a difference to the bottom line. Unfortunately, almost 50% of employees unknowingly put business at risk of a cyber attack* so it’s important everyone has access to the tools to improve cyber security measures.

So, what are the main issues? We talk to Phil Parisis, My Business general manager of products, to find out the common mistakes small businesses make in cyber security. Here are the top five areas for improvement.

Common mistakes - cyber security risks checklist

1. Digital savviness: don’t assume all employees have the know-how. Like most skills, when it comes to cyber security and using technology, you should expect everyone to be at a different level. Only some will know the dos and don’ts.

A way to approach this is to introduce an acceptable use of technology policy and include social media use. The policy should clearly outline the business rules and will help reduce your vulnerability and business risk of cyber attacks. For example, if an employee jumps on Facebook via their work laptop and accidently or unknowingly clicks on a malicious link this can subject the business to a ransomware attack. Or an employee might use public Wi-Fi at an airport or at a cafe to finish off a report and their password gets stolen by a hacker. With documented policies these incidents are less likely to play out.

2. Passwords: replace weak passwords with strong ones. Hackers are experts at cracking passwords so the stronger they are, the more challenging it is for them to decode. The number one rule is to never use personal information to create passwords. Get into the habit of creating unique passwords for every account you use. Passphrases are a good option as they are made up of at least four random words. Or consider creating passwords using letters, numbers and symbols containing a minimum of 14 characters.

IS YOUR BUSINESS CYBER SAFE?

Explore our cyber training and resources to defend against online threats to your business. Plans start from only $10/month.

Discover more

3. Apply Multi-Factor Authentication (MFA). Regardless of what applications or business system you use in your workplace, MFA is a must. This is a security measure that requires more than one method of verification to access systems. For example, employees receive an SMS on their mobile device containing a unique code that expires in several minutes. The code would be required to log in to the computer system or network.

4. Accept the fact cybercriminals target any business. There isn’t a business small enough to slip through the cracks. If you’re using technology in any shape or form, you are at risk of being a target. There are times cybercriminals can target small businesses as a stepping stone to launch cybercrimes against larger organisations or suppliers you have a business relationship with. Be vigilant and create cyber awareness within your team. Read as much as you can to stay up to date.

5. Stop thinking software is the solution. Installing software such as anti-virus or anti-malware can only protect your business if your employees are cyber savvy and never make mistakes. Being human that’s virtually impossible as it’s easy to let our guard down when tired, busy or not feeling 100%. Even with the best software money can buy, once a cybercriminal infiltrates your systems, it’s like they have already broken into your home and the damage may not be fully understood for a long time.

ADDRESSING THESE COMMON CYBER SECURITY MISTAKES

To improve your cyber security, awareness training is key. My Business Cyber is a complete training solution. A health check will help you pinpoint where the knowledge gaps are – keeping in mind everyone is at a different level. Monthly training is delivered in bite-sized interactive and engaging modules. Phishing simulations are launched to test your staff. You can also access a vast range of resources and documents, everything from policies to checklists.

Remember, Australian small business is big business for cybercriminals so make it your business to power up your cyber security.

_{*Source: Compare the Market survey, January 2020}