Majority of cybercrimes target small to medium and micro-sized enterprises (SMMEs), and research shows that most of these business owners don’t consider it a risk, and the consequence of falling prey to cybercriminals.
This is according to Bruce Murphy, Microsoft SA’s OEM Technical Sales – design in strategist, says why more and more unprepared organizations are left exposed is because of the misguided belief that business is too small to be targeted, or that the digital footprint isn’t significant enough. Murphy says that. “All it takes is one employee opening a virus-riddled email for the business to suffer a cyber attack.”
Businesses can’t afford to cut corners when it comes to ensuring uncompromised networks. Here are the five aspects businesses should focus on if they are serious about safeguarding themselves from cyber attacks.”
1. Regular updates are key
Businesses that delay over software and hardware updates, open themselves up to vulnerabilities. Ensuring that operating systems, anti-virus solutions, cloud systems, and all devices are kept up to date, massively minimizes opportunities for cyber attacks.
Murphy says “As the security threats we face today it is obvious that businesses set up automatic updates and manual checks of the software they use.” he adds “Windows 10 is the most secure operating system it has built-in anti-virus, firewalls, and backup software already installed, and leverages AI and machine learning. This means that when the operating system (OS) notices something even remotely suspicious, it’ll take measures to secure your system and stop the potential threat in its tracks. ”
2. Employee education
Murphy emphasizes the importance to educate staff on best cybersecurity practices, including security protocols for keeping employee, vendor and client data safe. He says “That a once-off education is not enough, as these kinds of threats are always changing, and employees need to be equipped with cybersecurity knowledge and training on an ongoing basis.”
Business owners must educate and train on an ongoing basis because the most advanced cybersecurity system will still fail if employees don’t know how to use it properly. “Teach your staff how to identify fake emails and unsecured websites to prevent malware infection, as well as the damage-control procedures to follow should a breach occur.”
3. Do not disable features
Most operating systems have built-in security features and technology to protect the device from potential threats.
“For example, though the setting is often disabled by IT managers, the little box that pops up asking the user if they are sure they want to run an application, is actually preventing unauthorized access to crucial system resources, which could be extremely damaging to the business in the wrong hands. In addition to keeping security features enabled, be sure to use a secure Web browser, such as Edge, and check that no extensions can activate your device’s microphone and camera to fish for information.
4. Holistic cybersecurity strategy
SMMEs, don’t need an extensive IT department to protect their businesses from data breaches and ransomware incidents. All they really need is to use modern devices, latest OS, and secure applications and Web browsers.
Murphy advises to avoid downloading unsecured, unknown applications, and to rather use the ones found on the system’s online app store. “Additional security features, like BitLocker, fingerprint activation or facial recognition, also enhance your overall cybersecurity strategy. Plus, if you have an operating system with built-in data back-up, recovery and antivirus protection, such as Windows 10, then you won’t need to spend more money on additional products.”
One of the benefits of Windows 10 Pro, is that it doesn’t derogate the performance of PCs as a lot of separate anti-virus programs tend to do. A business’s productivity won’t be affected, and it will always have peace of mind that its network is secure.
The harsh reality is that a major data breach, ransomware attack or easily-penetrable system can mean the end of a business of any size. Given that cyber attacks are becoming so prevalent and increasingly severe, it is in every organization’s best interest to prepare for the worst and implement a holistic cyber security strategy.