Threats to our technology come from many different sources, and protecting our data can seem like a never-ending job. It is.
It has been well documented that cyber security increased during recent years in personal attacks and those targeting businesses. The National Cyber Security Centre (NCSC) state in its annual report that there has been an increase in online threats.
Whether we use desktops, laptops, tablets or other mobile devices, they all rely on a range of good housekeeping measures to attain the best possible levels of cyber security for the business and the data it handles.
What is Cyber Security?
Cyber security refers to protecting electronic devices, computer systems and entire networks against data loss, theft or corruption. That might even involve disruption to the business and its services, expensive legal proceedings (in the event of a data breach) and irreparable damage to a business or brand.
As we can see, cyber security is a vital tool for GDPR compliance and the business itself.
With those things in mind, here are just a few important things to ensure you’ve got it right.
Move away from unsupported software.
Software, including operating systems, apps and free trial versions, almost always comes with a limited shelf life. That might not always mean replacing them, but it does mean keeping them up to date, replaced or subscribed to in order to access support and updates.
Always download and install the latest software and app
The latest software and apps are vital. The landscape of cyber security changes daily, with new threats emerging all the time. These threats can take advantage of vulnerabilities in even the most well-known software and apps; updates address them.
Run up-to-date anti-virus (even on a Mac)
One of the most important aspects of IT security is the software designed to identify, locate and remove dangers to your IT infrastructure. Keeping it up to date will ensure the barrier between your data and cyber criminals is as robust as possible.
Yes, it can be a hassle… Those long, alpha-numeric passwords with a capital letter here and there and some symbols are thrown in for good measure. However, they are infinitely more robust than “Password123” or the name of your favourite cat that you might have shared on social media.
Most modern browsers and even some ingenious software apps offer to remember them for you, too, safely and securely.
Two-Factor Authentication
Two-factor authentication sends a message, often to a pre-agreed mobile number or alternate email address. Typically it includes a code or link that forms part of a two-stage login process for websites, apps and software.
You enter your login credentials at stage one.
You enter the code or click the link sent to you (and only you) at stage two.
Delete suspicious emails and avoid clicking links
The human element is one of the weakest links in data loss, making training and awareness important for your teams. Phishing emails can seem incredibly realistic, and sadly, many people fall for them, clicking links that install malware or give cybercriminals access to your data.
Back up your data
It is good practice, and it makes sense. Many IT hosting platforms perform several backups daily for the clients they work with, but for smaller businesses, it isn’t difficult to set up. Backups are one of those things, you might go years with no need to for them, but when you do, you really do.
For help and advice on backing up your data, get in touch.
Training
Even the most secure and up-to-date systems are at risk if people are not trained to get the most out of them. Training your team on cyber security awareness is important. Not just from a hardware point of view but from risks such as social engineering, phishing attacks and the use of deception by cybercriminals to obtain confidential information.
If you would like to learn more about how to make your business stronger against the threat of cybercrime and data theft, I’d love to help. Get in touch today to schedule a free chat.
In today’s digital age, data protection is not just a legal requirement but a cornerstone of trust and reliability in business. For micro and small businesses, managing data protection alongside many other responsibilities can be overwhelming.
In the digital era, where data breaches and compliance fines are a real threat, the need to delegate data protection to a specialist becomes paramount. For small and micro businesses, navigating the complexities of data protection laws such as the Data Protection Act 2018, UK GDPR, and PECR can be daunting. This is where the significance of delegating data protection comes into play.
Here’s why a specialist is indispensable:
Expert Knowledge: Data protection specialists are well-versed in the intricacies of laws and regulations. Their expertise ensures that your business remains compliant, avoiding costly legal pitfalls.
Risk Mitigation: Specialists in data protection are adept at identifying and addressing potential security vulnerabilities, significantly reducing the risk of data breaches and the associated financial and reputational damages.
Focus on Core Business: By delegating data protection, your business can concentrate on its core competencies, which are essential for growth and sustainability.
Cost-Effectiveness: Investing in a specialist is often more cost-effective than managing data protection in-house. It saves resources spent on training and keeping up with evolving legislation.
Customer Confidence: Demonstrating a commitment to data protection through a specialist can significantly boost customer trust and loyalty, as it shows a dedication to safeguarding their personal information.
Why Choose Michelle Molyneux Business Consulting?
Choosing Michelle Molyneux Business Consulting for your data protection needs is a decision that offers both peace of mind and strategic advantage. With their deep understanding of data protection laws and a track record of effectively managing risks, they provide a service tailored to small and micro businesses’ unique needs. Their proactive approach not only ensures compliance and security but also positions your business as trustworthy and responsible in the eyes of your customers. Partnering with Michelle Molyneux Business Consulting means you’re not just meeting legal requirements; you’re elevating your business in the realms of security, trust, and professionalism.
As business owners, we are specialists in our own right. But we do not know everything – no matter how much we Google. Sometimes, it is too time-consuming to do it ourselves, too technical or just brain-numbingly boring. That is when we need to look externally for help, either as a long-term solution or as a short burst of guidance using a consultant. But getting that help can be a project in itself. How do you find the perfect fit?
Businesses get accreditations to show they have met a certain standard within a certain area or sector. Some accreditations include CHAS (health and safety), Data Security and Protection Toolkit (Health and Social Care), PQASSO.
The Data Security and Protection Toolkit is a self-assessment that shows commissioners and CQC that you have met a certain level of compliance in data protection.
Where do I start?
One of the hardest parts of getting accreditation is to decifyer what they are looking for and then collating it all.
Getting material together for an accreditation can be difficult and time-consuming.
What is Accreditation Support?
We work with a business to work through the accreditation instructions, identify what documentation you need and collating in a logical way ready to submit.
What do we do?
We breakdown what the accreditation requirements into;
a list of documents you need
easy to understand questions to be answered to provide evidence
schedule online sessions in to ‘blast’ through the questions and collate the evidence, where necessary
complete the questions and upload the evidence provided
We will even help identify what material is missing and support you to create AND implement it in the organisation.
Guarantees
We can not guarantee accreditation, as this is based on the answers and information provided by the businesses. Unfortunately, we can’t get accreditations when information and material is not there. BUT we can work with you towards gaining accreditations.
If you would like to know more, book a free 30 minute chat to see how we could support you best.
Many people think of passwords simply as a nuisance, a barrier between us and trying to access the websites and services we need.
On the other hand, some go the extra mile in creating passwords that are as strong as possible. This can be done by utilising a range of features to keep the accounts safe and secure for us to use for both business or otherwise.
One approach is definitely better than the other…
Understanding what makes a strong password is essential to protect our data. They are the first line of defence against unauthorised access. However, research clearly shows we don’t always use secure ones.
Reasons for this vary. Many think a short or straightforward password is easier to remember, and having that same password for a range of sites and services can save time.
They are, and they can, but from a security point of view, doing so is a risk that is not worth taking…
Here are some top tips to help you stay secure:
Switch on password protection or other authentication method
If your device has the capability, please use it.
Passcodes and passwords are the first line of defence for stolen or lost devices. Biometrics have made this process even easier, with features such as fingerprints and facial recognition. It is a fast and highly secure way to unlock your device.
Use two-way authentication
Multi-factor authentication is a method in which the user is only given access to a website or service after presenting two (or sometimes more) pieces of evidence that they are who they claim to be.
So, for example, after entering a password and username, you might be sent a text message to your registered mobile device, email address or other authentication app or token. That message will be a code to be entered at the next stage to guarantee you are you!
Password management
Many are tempted to avoid longer alpha-numeric passwords, as they are difficult to remember and time-consuming to enter.
Password management applications solve that issue by storing the passwords securely for you (they can even create them, too) and entering them on your behalf when you need to.
This feature is baked into IOS devices, Google Chrome and Microsoft’s Authenticator app. There are also password managers such as LastPass, which store encrypted passwords online.
Don’t be ‘password predictable’
This is by far one of the most significant challenges to overall security online. Scammers, hackers and other cybercriminals are well aware of this fact. It doesn’t always take computing power, just a little background information.
Birthdays, favourite places and pet’s names can all be easily ascertained via social media profiles. When you add in the usual common passwords some of us tend to choose, it isn’t difficult to see why anyone looking to trick their way into your accounts can have a massive range of password options to try.
Many cyber criminals instead use computing power in what are known as ‘brute force’ attacks to guess passwords with the help of automated software repeatedly. It is simple for the cybercriminal but potentially devastating for you or your business.
Here are some ways to avoid being ‘password predictable’:
Always avoid using predictable passwords
Try choosing three random words, but swap out certain letters for symbols, so for example Troutclocklight could be tr0utCl0ckl1&ht
Have your own rule for what letters you take out, what you replace them with and what you capitalise
1t 15n’t t00 d1ff1cU7t, and it is A LOT more secure…
If you need help or advice on making your business be data savvy, why not book a free clarity call? It might just save you time, stress and money in the future!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
