Intelligent CIO Africa Issue 21 - Page 71

INTELLIGENT BRANDS // Enterprise Security POWERED BY Five things SMEs should be doing to combat cybersecurity ///////////////////////////// With unprepared businesses ending up on the firing line, Michael Colin, Sales Director at telecommunications service provider BitCo, offers five ‘easy-to- implement’ defence mechanisms. N aivety and ignorance are no longer valid excuses and owners of small and medium-sized organisations in every sector are under even more pressure to comply with data protection requirements as well as safeguard their operations. If big fish like Liberty can be hacked, how vulnerable are local SMEs to cybercrime? You do the maths. Despite the obvious danger, about 87% of small business owners don’t consider themselves at risk of falling prey to cyber- predators. This misconception highlights why it is so important to take real action and ensure that your security measures can adapt to risks before they materialise. 1. Strengthen password protection Possibly the easiest security procedure to execute, there’s no reason to still use your birthday as your desktop password. Increase password difficulty and uniqueness with a mix of lower and uppercase letters, numbers and special symbols, and utilise reminders that prompt you to update passwords regularly. Two-factor authentication (which you’re probably familiar with in terms of banking app transactions) is also valuable as an additional layer of security for sign-in processes. A further good idea is to limit employee access to passwords according to their role at the company – not everyone needs access to everything on the system as this creates additional avenues for cyberattackers to exploit. 2. Educate employees The most advanced cybersecurity system means very little when your staff don’t know how to use it properly. Introduce security protocols for keeping employee, vendor and client information safe, as well as damage-control procedures staff can follow should a breach occurs. Train employees to follow best cybersecurity practices. This applies particularly to identifying fake emails and unsecured websites – the typical source of malware infection. 3. Update devices Regular software, operating system and web browser updates are crucial to shield desktops, laptops, tablets and cell phones against the latest, ever- evolving security threats. Cloud software should be automatically updated by the provider but ensure you and your staff make a point of manually checking for new versions of all other software anyway, especially your antivirus protection. If your employees use personal devices for work – in line with the growing BYOD (Bring Your Own Device) trend, consider having a network administrator install monitoring software and promote automatic security updates on these pieces of hardware. Such cautionary moves help to ensure an uncompromised company network. 4. Create backups regularly Schedule routine backups (daily, or at least weekly) of all important information stored on company computers and keep a copy of these backup files in the cloud, as well as on an offline hard drive to be extra-safe. Both copies should be encrypted. Data backups form part of a broader cyber resilience strategy to help your business resume normal operations in the event of a cybercrime incident. 5. Install an on-premise managed firewall For around-the-clock, all-inclusive and enterprise-grade protection, your best bet is an on-site firewall. A service provider will install, manage, monitor and maintain the hardware, removing any guesswork and offering you peace of mind that your systems and all the precious data they contain are safe from illicit access attempts. Given that cyberattacks are so prevalent, and increasing, it’s best for businesses of all sizes to prepare for the worst. Implementing these security measures, and having a holistic cybersecurity strategy in place, will help to prevent unauthorised network entry and reputation-damaging data loss. n INTELLIGENTCIO 71