06 Aug Protecting your business – Navigating the New Working World
2020 has been a turbulent year, requiring businesses to adapt and implement massive changes often at breakneck speed. When the initial lockdown restrictions were imposed in March many businesses were likely caught off guard and were forced to adopt less than ideal practices to ensure their staff were able to operate from home to some extent.
As the months have passed, it is still recommended that employers allow their staff to work from home where possible, and for many businesses willing to adopt remote working has proved extremely viable. For working from home to be effective employers should invest in business-grade solutions that give staff access to office-grade resources from the comfort of their own homes. Such solutions can ensure efficiency, business resilience and a high level of service delivery, as discussed in the previous blog in this series.
While efficiency savings and service continuity are important during these troubling times if there is one consideration that should remain, your top priority it’s Cyber Security!
Now is an opportune time to assess your business’ security vulnerabilities and take steps to ensure your digital assets remain securely stowed away from the bad guys who could do your business serious harm. Online security is heavily entwined with risk management and business resilience – by keeping your business’ data secure you’ll increase customer confidence, reduce the chance of a potentially ruinous data breach and ultimately safeguard your business’ future.
How can I keep my business Cyber Secure?
There is no short answer to this question. Security is all about assessing every potential vulnerability and using good practice, security policy and technical solutions to address the risks. Let’s look at a few of the main steps you can take as a business owner.
IT oversight and proactive maintenance
This centres around the concept of IT governance – having the ability to centrally manage your tech ‘real estate.’ This means being able to maintain (patch and update as required), monitor (scan for security vulnerabilities) and enforce security protocol across your entire network.
Any good IT provider should have this down to a fine art. They should have remote monitoring capabilities that allow them to address security issues before they become business-critical, ensure all your devices are updated and patched regularly to avoid security loopholes presenting themselves and be able to implement and enforce security procedures that help you ensure regulatory compliance.
Seal up Cyber Security weak points!
One of the greatest challenges in Cyber Security is minimising ‘points of entry’ for Cyber Criminals. IT systems can be vast and complex, with even relatively small firms now using a large number of devices and applications, creating a large ‘attack surface.’ Before you can enhance security you should make a list of the ‘weak points’ in your system so that you can address each individually and avert a potentially devastating cyber attack.
Consider how your staff are handling data:
- Are you over-reliant on staff storing files locally?
- Do you have a way of managing access permissions?
- Are you in control of your data, or is it able to end up in locations outside of your control?
Consider access management: are you able to keep your business’ data and accounts under lock and key?
- Do you have a mechanism for managing access remotely? Do you have a way to grant access to files and applications to staff based on job roles or responsibilities?
- How would you go about withdrawing access to a resource? For example, if an employee leaves your company?
- Are personal devices putting your data at risk? The use of personal devices normally means you have less oversight and control – this could put your data at increased risk.
Consider what would happen in a worst-case scenario – is your data backed-up and encrypted?
- Could you easily restore your digital infrastructure should some devastating situation unfold? Everything you rely on should be backed up – data, servers, software applications – whether it’s cloud-hosted, or office-based you should have a recovery mechanism in place should some unforeseen disaster occur.
- Are you using encryption? Encryption makes your sensitive data unreadable to prying eyes. It’s a particularly useful security tool where mobile devices are concerned – where theft could result in data falling into the wrong hands.
Educate staff on security threats and best practice
It’s a bit of a cliché, but your employees really are your first line of defence when it comes to protecting against online security threats. You should make sure they know how to identify some of the techniques used by cybercriminals. Email is a persistent headache in terms of cybersecurity as it relies on users being able to identify emails from potentially malicious sources – email filters are not impenetrable. So ensuring that your employees can identify email Phishing scams, for example, is very important.
Additionally, staff should be aware of the principles of good password management and know which communication channels are appropriate for the handling of sensitive information.
Take a look at ‘Cyber Essentials.’
‘Cyber Essentials’ is a government-backed scheme designed to help businesses safeguard themselves against the majority of online threats. The scheme offers two levels of certification that allow businesses to display their commitment to online security to their customers.
To achieve certification the scheme recommends 5 technical controls that businesses should employ to protect themselves. These are:
- Using a Firewall
- Implementing security settings on devices and software
- Control access to data and services.
- Take steps to protect against malware and viruses.
- Keep devices and software maintained.
This scheme provides a good foundation on which to base your security strategy, and its certification will reassure your customers that you care about online security and the safety of their data.
Where do I begin?
The UK government is currently in the process of rolling out funding to help businesses make efficiency changes as part of its economic response to the Covid-19 pandemic.
These grants of up to £5000 could help you embrace technological change, in order to improve efficiency, resilience and ensure your business is able to sail through these turbulent times relatively unscathed. This funding could help you invest in productivity-boosting new tech, migrate systems to the cloud and ensure your team are adequately trained and supported in the use of any new technology.
At Netcom, we are well-versed in helping companies in various sectors navigate the often mystifying, jargon-filled worlds of IT. With over 15 years’ experience and covering virtually all aspects of business IT, we can help guide your business through this uncertain period and help you deploy cutting edge solutions that will not only help you weather the current storm but keep your business at the top of its game beyond the pandemic.
So for guidance on Government funding, IT strategy and digital transformation why not book a free, no obligation discovery call today by calling 0114 361 0062.