Small business: How to stay safe from cybercrime

Small and medium-sized enterprises are tempting targets for cybercriminals. David Prosser explains how to keep your business safe.

David Prosser
By David Prosser
published

949_MW_P26_SB

SMEs are particularly vulnerable to possible security breaches
(Image credit: Phil Leo / Michael Denora)

Ensuring your business is safe from cybercrime is increasingly important.

Small and medium-sized enterprises (SMEs) are tempting targets for cybercriminals. Their defences tend to be less sophisticated than their larger peers, but they still offer rich pickings, from valuable personal data to banking and payment systems.

New data from the government underlines the scale of the challenge now facing SMEs: 40% of small businesses and 60% of medium-sized firms have experienced some form of cybersecurity breach or attack in the past 12 months. While no organisation, large or small, can ever achieve complete security, doing the basics well is actually relatively cheap and very effective.

Subscribe to MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free
https://cdn.mos.cms.futurecdn.net/flexiimages/mw70aro6gl1676370748.jpg

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Sign up

First, it's worth checking how physically secure your office is, as you want to restrict access to anything that would contain sensitive details, or give an attacker the information they need to try to trick you into unwittingly sharing such information.

Next, turn to digital security. Check that all your computer equipment is password-protected and that all employees use strong passwords that they change regularly. Free password-management software can be useful here. The idea is that even if an attacker does get their hands on one of your machines, it should be difficult for them to break into it. Two-factor authentication systems add a layer of protection, requiring access to a second device, such as a mobile phone, to get into the system.

The weak link

One sensible precaution is to limit access to each part of your computer system to those staff who actually need it. The fewer people who are logging into each part of the infrastructure and the slimmer you can keep those systems the fewer points of vulnerability you'll have.

With these basic measures in place, the final step is to consider investing in technological solutions to the cybersecurity problem. That doesn't have to cost the earth: there is a wide range of free or low-cost software available, particularly in the anti-virus and firewall market, aimed at SMEs. Many organisations offering these packages will also give you free advice and support.

David Prosser
David Prosser
Business Columnist

David Prosser is a regular MoneyWeek columnist, writing on small business and entrepreneurship, as well as pensions and other forms of tax-efficient savings and investments. David has been a financial journalist for almost 30 years, specialising initially in personal finance, and then in broader business coverage. He has worked for national newspaper groups including The Financial Times, The Guardian and Observer, Express Newspapers and, most recently, The Independent, where he served for more than three years as business editor.

Latest