While there are many things you can do to help protect against cybercrime, many of them come with a cost, and given that 70% of businesses believe that rising costs are one of their biggest concerns in 2021, many organisations are not in a position to invest in robust security solutions right now.
If you are one of the 70%, don’t worry – there are several things you can do for free that will increase your cyber defences and make it harder for cybercriminals to attack your business.
Here are some things you can do, without spending a penny, to educate your staff and help harden your security posture.
1) Educate your staff about Cyber Security. One of the main defences we have against cybercrime is to educate our staff about the different ways we can be exploited and how we can protect against a cyber-attack.
If you’re thinking “How can I educate my staff if I don’t know myself?” then there is a great course that has been written by the National Cyber Security Centre. It’s free, easy to use and takes less than 30 minutes to complete. I would recommend you ensure all your staff complete this free course as it will provide a good starting point for educating your staff about IT Security.
https://www.ncsc.gov.uk/training/top-tips-for-staff-scorm-v2/scormcontent/index.html#/
2) Don’t ignore important software updates. You have probably heard this many times before, but so many of us keep ignoring important updates that fix security vulnerabilities in our applications & systems.
3) Use strong passwords and change them regularly. This is one of the simplest ways to improve your security posture, but it’s often neglected. If you’re unsure how to create a strong password, then look at our template password policy that will ensure you are following CIS best practices for passwords.
However, having a password policy is only half the battle; you also need to ensure your staff adhere to your policy. If your business uses Office 365 or Gmail, we can enforce our password policy and ensure all our staff have a strong password and that their passwords are changed regularly.
Remember, we want to make it difficult for cybercriminals to take advantage of our systems, so ensure you don’t use the same password for all your accounts. After all, if your ‘universal’ password gets compromised, you would give away the keys to your kingdom in one fell swoop.
Bonus Tip: If you struggle to remember all your passwords, then why not use a digital password safe secured with multifactor authentication? I use 1Password to store all my passwords, which is a paid solution, but there are free solutions available such as KeePass.
- KeePass: https://keepass.info/
- 1Password: https://1password.com/
4) Secure your devices and accounts. You can secure your accounts with multi-factor authentication as it will significantly reduce the risk of your accounts being compromised. A cybercriminal will then need to get hold of both something you know and something you have.
You should also always lock your devices when you are not using them, and you can get assurance that this is being enforced throughout your business by using security functions that will automatically lock systems after a set amount of time.
5) If in doubt, call it out. Encourage your staff to report anything suspicious, or any mistake they make, and make it as easy as possible for them to report an incident to you.
Sometimes we make honest mistakes which can lead to a security breach, for example by emailing something sensitive to the wrong person or accidentally clicking a link on a website.
If staff do not have the freedom to call it out without repercussions, you may be putting your business at serious risk as a breach could be left undetected and may give cybercriminals all the time in the world to exploit your systems and business.