Manage your business
Stay safe from cyber threats
Small businesses are increasingly concerned about cyber-attacks. Learn about the attacks and take precautions.
Contents
Common threats
Cyber-attacks occur regularly but the business owner must be aware of the most common threats.
Malware
Malware is a catch-all term for software that is specifically designed to cause damage to a computer, server or computer network. Viruses and ransomware are examples of malware.
Virus
A virus is a harmful computer program that spreads from one computer to another (and other connected devices). The virus’s goal is to give cybercriminals access to the computer system.
Ransomware (data hijacking)
A ransomware infection is a type of malware that infects a computer and prevents it from being used until you pay a ransom. Ransomware is usually spread through phishing emails and takes advantage of software vulnerabilities.
Phishing (identity theft)
Phishing is a type of cyber-attack that uses an unreliable website’s email to infect your computer with malware or steal your personal information. Phishing emails appear to be sent by a legitimate organization or a well-known individual. These emails entice users to open an attachment containing incorrect codes by clicking on them. Your computer will be infected with malware once this code begins to run.
Assess the risks of your business
Understanding your risk of an attack (threat level) and where you can make further improvements is the first step in improving your cybersecurity.
A cybersecurity risk assessment can identify areas where a company is vulnerable and assist in the creation of an action plan, which may include user training, guidance on the email security platform and advice on how to protect the company’s information accessibility.
Businesses with limited resources can still take measures to improve cybersecurity on their own if they do not have an IT specialist on staff, such as an employee or an external consultant. This can be accomplished by reading, searching and becoming knowledgeable about the subject.
Cybersecurity best practices
Antivirus software should be used and kept up to date
Make sure that all of your company’s computers are protected by antivirus software and antispyware and that they are updated regularly. Make a list of all the different local businesses that provide these services.
Secure your networks
Always remember to keep your internet connection secure. If you have a wireless network, make sure it is secure.
Use strong passwords
Using strong passwords is a simple way to boost your cybersecurity. Make sure you are using unique passwords for each account. A strong password includes:
- 10 characters or more;
- at least one uppercase letter;
- at least one lowercase letter;
- at least one number;
- at least one special character.
Multifactor authentication
For the login process, you will need additional information (for example, a security code that will be sent to your cell phone). Check with the service providers that handle your personal information, especially financial institutions, to see if they can provide multifactor authentication for your account.
Back up your data
Back up all of your computer data regularly. This includes, among other things, Word documents, spreadsheets, databases and HR files. If possible, back up your files automatically or at least once a week and store a copy in a secure location or the cloud.
Secure the payment process
Collaborate with your bank to secure the most reliable and valuable anti-fraud tools available. Isolate the payment systems from the rest of the system, and if possible, process payments on a different computer.
Control physical access
Non-authorized users should not have access to the business computer. Notebooks are easily misplaced and stolen, so it is a good idea to keep them locked up when not in use. It is recommended to ensure that each employee has his or her own account and password. Only the IT staff and the most important employees should have administrative privileges.
Contact SETAR
Telephone: +297 525 1000
Website: www.setar.aw
Email: [email protected]