Be Cyber Aware: Cyber Security 101 – Back to Basics

Posted on: 14th August 2017

Cyber Aware

Be Cyber Aware with these tips from Pyranet and the Government’s Cyber Aware campaign…

Most businesses view faceless hackers as the biggest threat to their cyber security; however, your staff can also pose a significant risk if they are not educated about cyber security measures. If you’re worried about the increasing frequency of cyber-attacks hitting the headlines or have only just realised that a staggering seven million cyber-crimes are committed against smaller businesses every year [i] – we can help.

We have partnered with the government’s Cyber Aware campaign to equip you with some simple steps to ensure your staff know how to protect themselves and your company.

Restrict authorisation

We recommend only allowing a select group admin rights to your systems. By limiting these rights to a small group, you can stop staff members unknowingly downloading Trojans and viruses onto your system. Our IT Support can limit the number of people who have full admin rights to those who really need access like business owners, secretaries and IT administrators. This means that anyone who wants to download a programme has to have approval. This can help reduce the incidence of cyber threats, as many people can’t spot a fake program or document from a real one, causing them to accidentally download malware.

Set up guest wi-fi for visitors

Ensure a separate Wi-Fi network is set up specifically for visitors and their staff’s personal devices. Many business owners may not be aware that Wi-Fi networks can be easily compromised and company data can be accessed by cyber criminals… Allowing visitors to access the company Wi-Fi network is akin to opening your door to strangers – you don’t truly know who you are allowing to access your network. The best solution is to set up a guest network that all external visitors use which has a separate password.

The Government’s Cyber Aware campaign offers the following advice for businesses to keep secure online:

Use a strong, separate password for your email account

A good way to create a strong and memorable password is to use three random words, which are memorable to you, but not easy for other people to guess. Educate staff not to use words such as their child’s name or favourite sports team which are easy for people to guess by looking at their social media accounts.

Hackers are also aware of many of the simple substitutions we use; for example ‘Pa55word!’ may follow the rules of using letters and symbols, but is easy for hackers to guess. Hackers can use your email to access many of your personal accounts, by asking for you password to be reset, and find out personal information, such as your bank details, address or date of birth, leaving you vulnerable to identity theft or fraud.

Use two-factor authentication for your most important accounts

When available, give your most important accounts an extra layer of security.  By using two-factor authentication, your account can only be accessed on a device that you have already registered. When you first log-in with a new device, you are asked to complete a second step after entering your password, such as providing your fingerprint or entering a unique code which has been sent to your phone.

Install the latest software and app updates for your devices

These contain vital security updates which help protect your business’ devices from viruses and hackers. Security updates are designed to fix weaknesses in software and apps which could be used by hackers to attack your device. Installing them as soon as possible helps to keep your personal and business devices secure.

You can choose to install updates at night or over the weekend when the office is empty.  Additionally, updates can be set to when devices are plugged in or they are connected to the company wi-fi and the update is available. You can also set laptops and desktops to automatically install software updates when an update is available or at a time that suits you.

Always back-up your most important data

Always safeguard your most important data such as key documents by backing them up to an external hard drive or a cloud-based storage system. If your device is infected by a virus or accessed by a hacker, your data may be damaged, deleted or held to ransom by ransomware, which means you won’t be able to access it. Backing up your data means you have another copy of it, which you can access in the event of a cyber attack.

Secure your tablet or smartphone with a screen lock

Adding a screen lock to your devices provides an extra layer of security,  as each time you want to unlock it or turn it on, you will need to enter a PIN, pattern, password or fingerprint. This means if someone gets hold of your device they can’t access the data without these unique credentials.

For more information about the Cyber Aware campaign, visit www.cyberaware.gov.uk .

[i] FSB, (2016) Cyber Resilience: how to protect small firms in the digital economy.  http://www.fsb.org.uk/docs/default-source/fsb-org-uk/FSB-Cyber-Resilience-report-2016.pdf?sfvrsn=0