Cybersecurity can be a daunting proposition with seemingly endless providers claiming to give you some jargon-laden benefits to help keep you secure. So how do you know what you really need? Here’s what you should prioritize if you’re just venturing in to securing your business online.
Know your legal responsibilities:
Are you collecting personal information through your website or storing personal information where it is reachable online? In New Zealand you have a legal requirement under the Privacy Act 1993 to take reasonable safeguards to prevent the loss, access, use, or misuse of that information.
This means if your website, app, online store, or any other web service takes personal data from users you need to speak to your web developer or service provider to make find out if that information is being captured and stored securely. This step is best left to the professionals as it can get technical very quickly, but it is important your are aware of this responsibility.
Secure your business computers
Any device that is used to access anything work related online (emails, apps, web platforms etc) is a potential access point for an attack. Preferably all work related activity should take place on a machine set up or verified by you or your own IT staff so you can ensure certain safety measures are in place. At a minimum each machine should have up-to-date antivirus software, firewalls, and be protected by a strong password. It is also beneficial to have remote-wipe software in case of a future breach.
Secure your wifi
Users connected to your wifi are a greater risk so ensure your wifi has a strong password that isn’t shared widely with visitors. Regularly update your wifi password for greater security
Teach your staff to be web-smart
This is a full topic unto itself but one of the greatest threats to your cybersecurity is someone within your business being directed to do something damaging without being aware of what they are doing. Email phishing attacks, phone scams, and other attacks are designed to trick well meaning staff in to giving up vital security details or important information. See this article on training your staff to be web-safe for some initial steps you can take
Consider whether you need professional IT help.
Cybersecurity is a vast and technical field that you are unlikely to become an expert in unless it is your day to day bread and butter. There are many guides such as this that you can follow to keep you and your business safer than most but If you’re growing, becoming more high-profile, and more staff are coming on board, consider hiring a professional IT provider to help take some of the stress off so you can focus on your core business.
Is there a company size where you think you definately need to hire IT support?
For businesses less than 10 employees it’s really a matter of how comfortable (and how time-pressed) you are personally managing the various technical aspects. Any larger and I would recommend at least speaking to support providers to see how they could help.