blog

Business security is at risk from human error

2016-11-30

Are you confident your business security is adequate? Will it protect you from the risk of a cyber-attack? It’s not just large businesses and multinationals which are targeted. SMEs are facing increased risk from attack as they are perceived as ‘soft’ targets.

The Information Security Breaches Survey 2015 found the cost of business security breaches to be as high as £310,800 for SMEs. 74% of small and medium businesses have suffered a security breach. Despite robust anti-virus software, many businesses are still exposed to risk through human error and the use of personal email accounts.

What can you do to reduce the risk to your business security?

Educate Staff – ensure your employees are aware of the risks of a virus or malware attack. Explain the impact it could have on your business. Educate staff about whaling and phishing emails and how to identify them. Ensure they aren’t using personal email accounts on business PCs and laptops or visiting insecure websites.

Security Policy & Procedures – ensure your employees are clear on your policy relating to the use of email, social media & web browsers. Provide clear guidance on remote working. Be clear on the rules for using personally owned devices for business activities. Inform them of the procedure they should follow if they spot a security breach or suspect a cyber-attack. You could think about implementing the following –

  • a company policy that prevents the use of personal email accounts (including Yahoo, Gmail, Outlook etc) on a business PC or laptop.
  • a policy that prevents business laptops being used for any personal correspondence when working from home or out of the office.
  • guidance to ensure personal laptops are not used in the work place, unless covered by a business Office 365 licence.

Incident Management Plan – make sure you have a robust plan in place should your business come under attack from a virus or malware. Share the plan with all staff. Incident planning will help to minimise the damage and cost which can result from an attack.

Finally, don’t forget to check that any suppliers, contractors and 3rd parties that you work with also have adequate security in place. A breach in their security could impact your business too.

For help and advice on business security contact us for a free consultation.

Cyber Security Breaches Survey 2016