30+ Cyber Security Tips for Business
We've compiled a list of cyber security tips for businesses that you can use in both your personal and professional life.
Take a look at the list below to learn something new today 😃
Tip #1: Treat business information as personal information
Business information typically includes a mix of personal and proprietary data.
While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII), for example through payroll.
Be exceptionally careful about what you are sharing, and be cautious of how you are sharing it.
Tip #2: Connect only with people you trust
While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.
Cybercriminals frequently use social media to harvest information about potential targets.
Tip #3: Double your login protection
Enable multi-factor authentication (MFA) for added protection.
It helps ensure that the only person who has access to your account is you.
Use it for email, banking, social media, and any other service that supports it.
If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token.
Tip #4: Secure your home network
Cybercriminals can access all your connected devices via your home router.
As more staff work from home, it's important to secure your home Wi-Fi by setting the password to something complex and personal.
Ensure that you have changed the default password on smart devices.
Tip #5: Use a long passphrase password
You should consider using the longest password or passphrase you can.
Combine three random words together, with two numbers. Capitalise some characters.
Bonus: Add in some punctuation and capitalisation.
Tip #6: Keep your software up to date
Keep your information safe from known vulnerabilities by turning on automatic updates so you don’t have to think about it.
Bonus: Set your security software to run regular scans.
Tip #7: Social media is part of the fraud tool set
Cybercriminals can gather information about your business partners and vendors, as well as HR and financial departments, by searching Google and scanning your business social media accounts.
Avoid oversharing on social media and do not conduct official business, exchange payment, or share Personally Identifiable Information (PII) on social media platforms.
Tip #8: It only needs to happen once
Data breaches do not typically happen when a cybercriminal has hacked into your company’s infrastructure.
Many data breaches can be traced back to a single phishing attempt, security vulnerability, or instance of accidental exposure.
Do not click on unknown links, be wary of unusual sources, and delete suspicious messages after reporting or forwarding all phishing attempts to your IT department.
Tip #9: Back up your data
Back up all your data to another device or third-party cloud service in case your device is compromised.
Remember 💡 Synchronisation services such as OneDrive and Dropbox are not data backup solutions. The changes ransomware makes can damage synchronised copies too.
Tip #10: Stop auto connecting
Make sure your device doesn’t automatically seek and connect to open wireless networks or Bluetooth devices.
This opens the door for cyber criminals to remotely access your device.
Disable these features so the choice to connect to a secure network is in your hands.
Tip #11: Avoid sensitive activities on public WiFi
Confirm the name of the public network and exact login procedures with appropriate staff before connecting.
Do not trust any network without an access password, and consider using a VPN to keep your data private when using public networks.
Tip #12: Limit what information you post on social media
Many people don’t realise that personal posts on social media are all that criminals need to know to target you, your loved ones, and your physical belongings – online and in the real world.
- Full names
- Postal address
Tip #13: Never leave your mobile devices unattended
Keep your devices secured in taxis, at airports, on airplanes, and in your hotel room.
Never leave your equipment unattended in a public place. Enable “automatic lock” functionality where available.
Tip #14: Play hard to get
No, this is not love advice 😊
Cybercriminals use social engineering tactics, hoping to fool their victims.
If an email looks “phishy” do not respond and do not click on any links or attachments found in that email.
When available, use the “junk” or “block” option to stop receiving messages from a particular sender.
Tip #15: Check your app permissions
Your mobile device can have suspicious apps running in the background or using default permissions you never realised you approved.
They can gather your personal information without your knowledge.
Apply the “principle of least privilege”: remove permissions that you don’t need or no longer use.
Bonus: Only download apps from trusted vendors and sources.
Tip #16: Protect your devices with antivirus software
Make sure your device’s security software scans for viruses and malware.
Be sure to periodically back up any data that cannot be recreated such as photos or personal documents.
Tip #17: File sharing between devices should be disabled when not needed
You may want to consider creating a dedicated directory for file sharing and restrict access to all other directories.
Only allow file sharing over home or work networks, never on public networks.
Bonus: Password protect anything you share.
Tip #18: Get assistance to secure your network
Check the customer support area of your ISP or router manufacturer’s website for specific suggestions to assist in securing your wireless network.
Tip #19: Use a VPN (Virtual Private Network)
VPNs encrypt connections at the sending and receiving ends and keep out traffic that is not properly encrypted.
VPNs allow employees to connect securely to their network when away from the office.
Many businesses have a VPN.
If a VPN is available to you, make sure you use it.
Tip #20: Know who is on your network
Most wireless access points and wireless routers let you see which devices are connected.
Review these lists frequently for unfamiliar devices, and either block them or change your WiFi password to keep unauthorised devices out.
Tip #21: Don’t tell anyone your passwords
Seems like an obvious one, but you would be amazed how many people write down their passwords or share their login credentials via email.
Every time you share or reuse a password, it chips away at your security by opening up more ways in which it could be misused or stolen.
Tip #22: Update your social media privacy settings
Set the privacy and security settings to a level you’re happy with.
Disable geotagging. It allows anyone to see where you are, and where you aren’t, at any given time.
Not a great idea.
Tip #23: Check for the "green lock"
Practice safe surfing wherever you are by checking for the "green lock" or padlock icon in your browser bar when making financial transactions.
It indicates a secure connection which has undergone extended validation, and that the business you are dealing with takes the security of your transaction seriously.
Tip #24: Share with care
Even if you delete a post or picture from your profile seconds after posting it, chances are someone still saw it.
Tip #25: Use a password manager
A password manager is the most secure way to store all your unique passwords.
With just one password, a computer can create and save passwords for every account that you have.
Bonus: Never divulge your master password 😉
Extra bonus: Protect your password manager with a physical security token
Tip #26: Be wary of communications that implore you to act immediately
Cybercriminals will always attempt to create a sense of urgency, causing the recipient to fear their account or information is in jeopardy, or that they are about to miss out on something.
If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform.
If the email comes from a business but still looks “phishy”, reach out to them via customer service to verify the communication.
Tip #27: Be wary of hyperlinks
Hover over links to verify they are authentic.
Ensure that URLs begin with “https”. This indicates encryption is enabled to protect your information.
Watch out for “lookalike” domains, such as “myb4nk.com”.
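Added example (not part of the original article): a small Python check that applies the habits above to a link, flagging non-HTTPS URLs and “lookalike” domains such as “myb4nk.com”. The trusted-domain list, the character-swap table and the function names are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: domains you really do business with (assumption).
TRUSTED = {"mybank.com", "example.org"}

# Digit-for-letter swaps commonly seen in lookalike domains.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t"})


def skeleton(domain):
    """Collapse visually confusable characters to one canonical form."""
    return domain.lower().translate(SWAPS).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_link(url):
    """Return a list of warnings for a URL; an empty list means no warning."""
    parts = urlsplit(url)
    # .hostname ignores any "user@" prefix, so "https://mybank.com@evil.example"
    # is judged by its real host, evil.example.
    host = (parts.hostname or "").rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")
    if not host.isascii() or "xn--" in host:
        warnings.append("non-ascii-host")
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return warnings
    # Simplification: treat the last two labels as the registered domain
    # (wrong for suffixes such as co.uk; a public suffix list fixes that).
    domain = ".".join(host.split(".")[-2:])
    hits = sorted(t for t in TRUSTED
                  if skeleton(domain) == skeleton(t) or edit_distance(domain, t) <= 1)
    warnings += [f"lookalike-of:{t}" for t in hits] or ["unknown-domain"]
    return warnings
```

An empty list only means the link points at a domain on your own allowlist over HTTPS; anything else deserves a second look before you click.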
Tip #28: Utilise a firewall
Firewalls can prevent some attacks by limiting malicious traffic.
They can also restrict unnecessary outbound communications.
Some devices and operating systems come with a firewall preinstalled.
Make sure your device is currently using a firewall and that it is configured properly.
Tip #29: Double check email attachments
It is common for cybercriminals to alter the return address so that it looks like the message came from someone other than the sender.
Before opening any attachments, verify that the message is legitimate by contacting the person who sent it.
Use caution even with attachments from people you know.
Be especially wary of unsolicited attachments.
Tip #30: Utilise the “guest” account option on WiFi
A widely used feature on many wireless routers, it allows you to grant wireless access to guests on a separate wireless channel with a separate password.
This maintains the privacy of your primary credentials.
Tip #31: Watch out for Phishing 🎣
No, not fishing: Phishing.
According to Verizon’s 2021 Data Breach Investigations Report, 36% of all breaches involved phishing. 85% of those breaches involve a human element.
The goal of phishing is to gain information about you and use it to make unauthorised purchases or to gain access to a secure system.
Be a cynic and always be suspicious of unexpected emails.
Tip #32: Use unique passwords
Too many people fall into the trap of using the same or very similar password for all accounts. Cybercriminals try to use stolen passwords from one service to log into other services, known as “credential stuffing”. Defeat this by using different passwords for each service.
Bonus: Use a password manager to set random passwords for each account.
We hope you enjoyed our cyber security tips for business. If you have any other questions, please feel free to get in touch.