By Riaan de Villiers, Business Analyst at LAWtrust
Upping Cybersecurity Measures
Small Medium Micro Enterprises (SMMEs) do not usually have a big budget to spend on advanced cybersecurity systems to protect themselves from cyber-attacks. They also do not deem themselves as obvious targets for scammers, since they assume they are out of cybercriminals’ radar.
The expansion of IT fields in the digitised Fourth Industrial Revolution (4IR) to include the Internet of Things (IoT), cloud computing and other developments exposed most businesses to advanced cybercrime attacks. Some of the attacks are subtle and can vary from phishing, identity theft, brute-force and malware attacks.
For small enterprises to be protected from these cyber-attacks, there are a few basic Do’s and Don’ts they can implement in their businesses.
The Do’s:
- Use hard-to-guess passwords and passphrases: creating unpredictable password combinations that include capital letters, lower case letters and special characters make it memorable for you as the user, but hard for the hacker to guess.
- Use different passwords for different accounts: to prevent all systems from being hacked, use different passwords for each account.
- Keep your passwords or passphrases confidential: do not share passwords or write them down where people can easily find them.
- Have a cyber-security strategy in place: have an incident response plan in place should any cybersecurity attack take place.
The Don’ts
- Don’t leave sensitive information lying around the office: do not carelessly leave private information lying on your desk. Maintain a clean desk policy and keep your information safe at all times.
- Don’t open mail or attachments from an untrusted source: pay attention to phishing traps in emails and keep constant surveillance for tell-tale signs of a scam.
- Don’t click on links from an unknown or untrusted source: cyber attackers often use links as a trap to lure users into visiting malicious sites and downloading malware that can be used for data theft or infiltrate networks.
- Don’t be tricked into giving away confidential information: verify the identity of callers claiming to be employees of a business asking for confidential information.
- Don’t install unauthorised programs on your work computer: the unauthorised application could pose as legitimate software but conceals malware.
Simple measures like these can go a mile in protecting your business systems and keep you safe from avoidable attacks that can put your confidential corporate information at risk.
Catch some highlights from Sentech Africa Tech Week 2023: