In the year 2021–22, cybercrime reports flooded the Australian Cyber Security Centre (ACSC), with one report every 7 minutes. As we observe Cyber Security Awareness Month (October), here are some basic tips to keep ‘cyber safe’. Follow these 4 quick steps to safeguard yourself and your clients.

Step 1: Keep Your Devices and Software Updated

Frequent updates ensure that your devices, an essential component for small businesses, have the latest security features to thwart cybercriminals. It’s essential to download authorised and legitimate software only, ensuring your small business remains secure. Check for updates on your devices, and enable automatic updates for added protection.

While updating your devices and software is a crucial aspect of cyber hygiene, email security is equally important for small businesses. Cybercriminals often use emails as a gateway to launch attacks on individuals and small businesses. To enhance your email security, consider the following:

  • Be Wary of Suspicious Emails: Small businesses often fall victim to phishing emails. Cybercriminals use these to trick recipients into revealing sensitive information. Always be cautious of unexpected emails, especially those requesting personal or financial information. Check the sender’s email address and look for any irregularities.
  • Verify Email Attachments and Links: Before opening email attachments or clicking on links, ensure they are from a legitimate source. Hover your mouse over links to preview the web address they point to without actually clicking on them.
  • Use Strong Passwords: Secure your email accounts with robust, unique passwords. Combine uppercase and lowercase letters, numbers, and special characters. For small businesses, considering a password manager can help you generate and store complex passwords securely.

Step 2: Implement Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is a powerful security layer to help you stay cyber safe, that demands at least two forms of identity confirmation for access. Small businesses should employ MFA wherever possible, especially considering the sensitive information they handle. MFA options can include physical tokens, authenticator apps, email, or SMS. Enable MFA for your accounts to enhance security.

In the context of email security, MFA plays a critical role for small businesses. By enabling MFA for your email accounts, even if your password is compromised, an additional layer of security is required for access. This significantly reduces the risk of unauthorized access to your emails and the sensitive information they contain.

Step 3: Regularly Back Up Your Files

Backing up your files is crucial for small businesses. Small business owners should store copies of their data on an external device or the cloud, allowing them to restore files in case of data loss. Ensure you configure and execute regular backups through your system or application settings.

Small businesses that regularly perform backups can prevent costly data recovery efforts. Fortunately, with XERO, your financial records are stored safely in the cloud, so there is one less thing to worry about. If you wanted to keep an offline copy of your data, you can simply export it to a safe device, for that added bit of peace of mind.

When it comes to email security, small businesses should consider backing up important email data regularly. Many email providers offer built-in backup features or integrate with third-party backup services. By maintaining email backups, small businesses can recover vital messages and attachments in case of accidental deletion or email service disruptions.

Step 4: Opt for Strong Passphrases

To stay cyber safe, account security is paramount. Using passphrases can significantly bolster the security of your accounts, making it harder for cybercriminals to breach your information. Passphrases consist of four or more random words and may include symbols, uppercase letters, and numbers. Consider using a password manager to generate or store passphrases securely.

For email security, strong passphrases are essential for small businesses. Small business owners should recognize that their email often serves as a gateway to various online accounts, making it a prime target for cybercriminals. By using a strong passphrase for your email account, you add a robust layer of defense against unauthorised access. Enhancing cybersecurity is a straightforward process. For more guidance, the ACSC provides practical advice and resources on staying safe online. Small business owners must recognize that by following these steps, they can significantly improve their overall cybersecurity posture, both for their devices and email accounts. Cybercriminals frequently exploit vulnerabilities in email systems and devices, so staying vigilant and proactive is key to protecting sensitive information and digital assets.