We live in a digital world where our company’s data and (crucially) our customers’ data are constantly attacked. Hackers are always looking for new ways to break into your systems and databases, resulting in many significant data breaches in recent years.
This isn’t just an IT issue when your security and data are compromised. It’s a breach of trust between you, your customers and your suppliers – which can hugely damage your brand reputation and consumers’ perception of the company.
So, why are so few companies taking cybersecurity seriously? And what can you do to enhance your cybersecurity and protect your valuable data?
In the 21st century, your data = your business
It’s the customer information in your CRM system, the supplier details in your invoicing system and the financial data in your accounting software. It’s your bank account details, confidential client information and your company’s secret intellectual property or hard-won R&D findings.
If you lose your data, you damage the business too. So, protecting the safety and security of your data and systems has to be a top priority for any business owner.
To boost your cybersecurity:
- Make cyber security a company-wide concern – if a data breach occurs, there’s no use blaming the IT department after the fact. Cyber security has to be a concern for the whole business and something where you have clear advice, processes and training. The better your people are prepared to protect the company’s valuable data, the less chance of a security error or accidental data breach.
- Keep devices and computing hardware secure – where your employees use laptops and work mobile devices, they must keep this hardware safe. Don’t leave computers unattended in laptop bags in a coffee shop or bar or leave your phone unsupervised on a hot desk. Offer secure lockers and desk drawers where laptops and devices can be secured, and always think about the security implications of leaving your hardware anywhere other than in the office.
- Use a secure network connection – when connecting to work applications, databases and shared folders, always use the company network or an approved virtual private network (VPN). Using a secure network connection greatly reduces the chances of your data being intercepted and stolen. VPNs allow employees to log in securely when off-site or working at a client’s premises.
- Save important data in the right place – you should have clear protocols regarding what kinds of data can be saved and where this information should be stored. If employees keep spreadsheets full of confidential client information on their laptop hard drives, you are only one lost laptop away from a security breach. Set clear guidelines on which drives and folders to use and ensure only the right people can access confidential folders and content.
- Use proper authentication and encryption – use two-factor or even multi-factor authentication to access all your cloud and SaaS tools. And ensure you have adequate data encryption of any confidential information shared. By putting the best possible security steps in place, you greatly reduce the risk of a slip-up.
- Factor in the added security threat of WFH – with so many employees now working from home (WFH), there are extra threats to factor in. Good cyber security at home means using a secure VPN, keeping laptops safely stored, always using the latest applications and not sharing passwords with family or flatmates, etc.
- Log all security breaches – if the worst-case scenario happens, make sure to log every security or data breach – and be transparent about what’s happening when communicating with customers, suppliers or employees who may have been affected. The sooner all your stakeholders are aware of the issue, the sooner you can work to resolve the problem and limit the potential damage.
Speak to IT security experts and protect your data
Keeping your data safe and secure is a foundational need for any business. Speaking to a cybersecurity expert is sensible if you want to reduce your security worries. They will be able to review your current systems, networks and security practices and advise you on the key actions needed to tighten up your security.
Read more from the Australian Cyber Security Centre.