Do you have the right security measures, systems and tools in place to manage a cyber threat? That’s the question every Australian business owner should be asking themselves. But the reality is that only 24% of companies believe their organisations are secure.
It’s very easy to get overwhelmed as it can feel like there’s a lot you should be doing and you simply don’t have endless amounts of hours to navigate it.
That’s why we’ve put together this list of ‘low effort, but high impact’ actions to get you started.
In as little as 10 minutes, you can make significant difference to how you protect your business from being attacked by a cyber threat.
1. Keep software up-to-date
It’s important you keep your operating systems updated. Software updates aren’t just there to introduce new features, they include security updates and bug fixes too.
What you can do:
- Set up your system preferences to install any new security updates automatically if you can;
- Check that any devices you use to manage your business are also up-to-date.
2. Create strong passwords
Unfortunately, password hygiene among small businesses is far worse than large organisations. Data shows businesses with fewer than 1,000 employees reuse 10-14 passwords compared with four reused passwords in larger businesses. It comes down to making sure you adopt good password habits and make sure your employees are on board with them too.
What you can do:
- Establish a regular password reset routine every three months at least;
- Make sure there are no shared passwords between employees. Every individual should have their own username and password;
- Ensure the passwords are strong with mandatory requirements of a combination of capital and lower-case letters, numbers and symbols with 8 to 12 characters long.
3. Install a strong firewall
Firewalls are your first line of defence and there to help you control the flow of external traffic coming in and out of your business. Your firewall will work round the clock to monitor and block any potential threats.
What you can do:
- If you don’t have a firewall: this article should help you decide on which one is best for your small business;
- If you do have an existing firewall: make sure your firewall is updated regularly and configured in a way that makes sense for your business. If you want to do this yourself, here’s five steps to configure a firewall;
- If you’re a customer of Eway: you don’t need to worry about deciding which firewall is right for you as you’ll gain access to Trustwave’s platform through our Merchant Trust Initiative (MTI) program. However, you’ll still want to ensure the firewall is configured to suit your business, which is something an expert at EWAY can help you with.
Let us help you. Eway has created the Merchant Trust Initiative (MTI) program to provide peace of mind to business owners that they are protecting their businesses against data breaches and also fulfilling their PCI-DSS obligations to protect themselves and their customers’ information.
4. Install reliable antivirus software
It’s the most effective way to protect your system against worms, trojans, ransomware and other malicious software.
What you can do:
- If you don’t have antivirus software: Check out Tech Radar’s best antivirus software overview to understand the different features and prices available;
- If you do have existing antivirus software: Similar to your firewall protection, antivirus software should be constantly updated. Make sure you check if your provider does this automatically;
- If you’re a customer of Eway: Endpoint protection is included with your subscription to the MTI program and will protect your business’ computers against unknown threats such as viruses, adware, trojan horses and worms.
5. Set up two-factor authentication on all your business devices
Instead of just using a simple login combination of ‘username and password’, adding a two-factor authentication to your login process is a simple way of adding an extra layer of security to your business accounts. For example, if an attacker manages to get your password it won’t be enough to access your accounts. They would need to have access to your mobile phone or your email to complete the next step of authentication.
What you can do:
- Get a list together of all the accounts you log into to run your business;
- Check in privacy settings of your account whether you can enable two factor authentication. Keep in mind that it can be called different things by different providers (i.e multi-factor authentication or security key);
- Then all you need to do is simply turn it on.
These are just a handful of security measures you can start implementing today, but the work on improving your cybersecurity is never done.
Don’t want to do this alone? You don’t have to.
The Merchant Trust Initiative is designed to help business owners like you navigate cybersecurity. By equipping you with the right security measures to ensure you are handling and managing cardholder data securely and enhancing overall security within your business.
Subscribe to updates
Get the latest news and payment insights from Eway hot off the press.