Everyone’s heard of the big data breaches at huge companies such as Yahoo and eBay, but perhaps not of the data breaches that happen every day to smaller companies.
One of the most common mistakes that small businesses and freelancers make is the: “my business is too small to be targeted” mentality. Therefore a lot of smaller operations neglect their data security to the point where they become easy pickings for a hacker to access their information.
A survey by YouGov for Barclays Business Banking revealed that small businesses are being targeted more by fraudsters, with 44% of SMEs being targeted and almost one in four becoming a victim.
The risks of no security protection
Underestimating the threat of cyber-attacks leads many businesses to neglect basic security. They could be running on old versions of Windows or WordPress, leaving them open to attacks that have been perfected over the years.
They could be storing customer data on Google Drive or ignoring updates for anti-virus software.
The majority of cyber-attacks these days can be prevented with basic training sessions in good password practice and how to recognise phishing scams. However, many small businesses don’t offer any kind of formal training.
The most common attacks
One of the most common methods of attack are through emails. Fraudsters will send an email that looks like it comes from the boss or someone else high up in a company asking for a money transfer. Some fake emails are so well made that people don’t think twice about them.
What’s this got to do with freelancers who work alone?
You may think that by working alone, you’d be safe from this kind of email scam. However, phishing attacks can happen to anyone and can target in multiple ways.
They can be in the form of emails from Paypal, eBay or any other business tool you use. You may get phone calls from people pretending to be your bank’s fraud prevention department.
First line of defence
If you ever receive an email from your bank or Paypal that asks you to click a link to verify your details, don’t! Instead log into your account using a different link to see if there are any messages about security issues on your account. Most of the time there won’t be and you’ll have saved yourself from an attack.
The same goes for phone scams. If someone contacts you out of the blue to say your account has been compromised, either log on yourself or phone the official number before you give any details out.
Besides learning about good security practice, the next thing you need to do is ensure that your computer is protected with anti-virus software and firewalls.
Anti-virus protection is important to protect your computer and files from becoming corrupted. Installing a firewall is essential to block unwanted access to your network. There are many free versions out there or you can pay for ones with more features. Make sure you do a computer scan every few months to check your system is squeaky clean.
If you’re attacked by a hacker, you could lose all your work or website content. This can be a huge obstacle to overcome which will set your business back greatly.
Make sure you back up all files on your computer with a variety of sources such as external hard drives or cloud storage where appropriate.
The same goes for your website too. Back up website files so that after an attack you can be up and running again sooner.
Check your privacy settings and be careful on social media
With Facebook’s recent scandal, people are becoming more aware of the personal data that social media sites have. While some may boycott the site, for those who use social media for business, it’s not that simple.
Go through all your privacy setting and change whatever doesn’t look right. Make sure that any personal information is not easily accessible and that everything is set to private.
Social media accounts get cloned all the time. The cloned account will then ask everyone on their friends list for personal details. If someone sends you a friend request who you already have added, check with them first to see if it’s a genuine account. This is particularly important for those who use social media accounts for business purposes.
Cyber security laws
The new laws on cyber security mean that any business that allows customer data to be compromised will end up with a hefty fine. This is something that could be the final nail in the coffin for such a small business.
This paired with the new General Data Protection Regulation (GDPR) means that you’ll have to be very careful with any customer data you may keep.
Is your business cyber-secure? Have you ever had a cyber-security scare? Please share any thoughts or comments below.