Kloudwerk’s cyber security advice for startups

Starting a business means suddenly, you’ll find yourself wearing many, many hats. From accounting to marketing, compliance to technology. Cyber security doesn’t have to be complex or expensive. To that end, here are some processes we recommend setting up as early as possible.

Starting a business means suddenly, you’ll find yourself wearing many, many hats. From accounting to marketing, compliance to technology. Cyber security doesn’t have to be complex or expensive. To that end, here are some processes we recommend setting up as early as possible.

Starting a business means suddenly, you’ll find yourself wearing many, many hats. From accounting to marketing, compliance to technology. We may be biased, but we’ve seen some bad stories in our industry, and we therefore recommend cyber security being another hat you wear with style. Cyber security doesn’t have to be complex or expensive. Like many other business areas it’s about managing a few processes consistently well.
To that end, here are some processes we recommend setting up as early as possible.

Get set up on a password manager
When setting up a new business, there are many new platforms you’ll need to subscribe to. From your new email account, to using services such as Quickbooks, and managing your new website. They all need you to set a password. Did you know that 45% of security breaches in 2021 involved passwords being compromised?

You can use a password manager to create long, secure and unique passwords that you no longer need to remember. If you decide to scale your business, you can create new users and only share the password which they need to see. LastPass, OnePassword, Bitwarden and Nordpass are currently the most well-known password managers and typically cost between £2-5 per month. 

Set up multi-factor authentication (MFA) for important accounts
We’ve talked about having secure passwords. But for your crucial accounts such as your email, website , and other platforms where you store sensitive data or manage critical applications, you should also set up MFA. This is a failsafe to ensure nobody else can log into your accounts, even if they do get your password. 

Keep your systems and applications up to date
We imagine you’ve heard this one before. The reason security professionals keep banging the “update your systems drum” is actually quite simple – all systems and services have security bugs at some point, and updating them regularly means there are fewer security bugs for hackers to exploit. 

Make backups of important data
At some point your business will have data it desperately needs to keep confidential. Such data usually comes in the form of customer information, intellectual property or sensitive business information. Either way, it’s good practice to back it up in case an incident such as a ransomware attack occurs.

Get Cyber Essentials accredited
The cyber essentials scheme was designed by the UK government to help smaller organisations implement basic security practices to help keep them secure from criminals. To become accredited means a cost of around £300 per year, which also gets your business £25,000 of cyber liability insurance.

Bear in mind that while cyber insurance is recommended, it won’t help your business with any reputational damage suffered by a breach. Additionally, you can only claim if you can prove you have implemented all the security practices. In this way, it’s similar to house contents insurance – did you lock the front door and windows?

Businesses can implement all the cyber essentials without paying the fee. The fee enables your business to be put on a publicly searchable register of accredited companies, and gain access to the insurance. The paid version also allows you to prove to your customers and stakeholders that you take security seriously – it may even give you a competitive advantage.

Whilst not an exhaustive list, these are decent starting points for startups. At Kloudwerk we always recommend doing the basics well. The basics often ensure your business is not the lowest hanging fruit and cyber criminals will go elsewhere.

If your business would like some tailored advice, or would like help becoming accredited for the Cyber Essentials scheme, get in touch with us here.

– We build an understanding of your organisation
– We develop a roadmap to address key risks
– We help you implement the required changes and keep your business protected on an ongoing basis.

Visit our Cyber Consultancy page for more information.

Share:

Facebook
Twitter
Pinterest
LinkedIn

Leave a Reply

Your email address will not be published.

On Key

Related Posts

WEBSITE SECURITY REPORT

GOLD

Imagine you own a house and want to add an additional floor. First you have to review and strengthen the foundations. This service builds cybersecurity foundations to facilitate growth in a resilient, timely manner.

This service will also provide the company with a cybersecurity risk assessment and improvement plan but with significantly more support from a senior consultant to help the company embed improvements in a continuous, timely manner

SILVER

The dreaded car MOT is looming. It’s the unforeseen wear & tear that results in some necessary annual maintenance. Our cybersecurity review will highlight what needs to be done as your engineers.

In addition to the context gathering stage and security footprinting service, a senior consultant will perform a risk assessment to understand the company’s cyber risks and provide recommendations. They will also be available to undertake monthly calls for answering questions, providing guidance and checking on whether risks are reducing.

BRONZE

You’re embarking on a more active lifestyle, chosen to go on a diet and get in shape. Think of this service as the cybersecurity equivalent of the personal trainer, helping you along the way.

After an initial context gathering stage, a junior security consultant will be available once per month to answer questions and provide recommendations based on company goals and activities. A cybersecurity footprinting service will allow the company to continuously monitor its external security posture.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.