Starting a business means suddenly, you’ll find yourself wearing many, many hats. From accounting to marketing, compliance to technology. Cyber security doesn’t have to be complex or expensive. To that end, here are some processes we recommend setting up as early as possible.
Starting a business means suddenly, you’ll find yourself wearing many, many hats. From accounting to marketing, compliance to technology. We may be biased, but we’ve seen some bad stories in our industry, and we therefore recommend cyber security being another hat you wear with style. Cyber security doesn’t have to be complex or expensive. Like many other business areas it’s about managing a few processes consistently well.
To that end, here are some processes we recommend setting up as early as possible.
Get set up on a password manager
When setting up a new business, there are many new platforms you’ll need to subscribe to. From your new email account, to using services such as Quickbooks, and managing your new website. They all need you to set a password. Did you know that 45% of security breaches in 2021 involved passwords being compromised?
You can use a password manager to create long, secure and unique passwords that you no longer need to remember. If you decide to scale your business, you can create new users and only share the password which they need to see. LastPass, OnePassword, Bitwarden and Nordpass are currently the most well-known password managers and typically cost between £2-5 per month.
Set up multi-factor authentication (MFA) for important accounts
We’ve talked about having secure passwords. But for your crucial accounts such as your email, website , and other platforms where you store sensitive data or manage critical applications, you should also set up MFA. This is a failsafe to ensure nobody else can log into your accounts, even if they do get your password.
Keep your systems and applications up to date
We imagine you’ve heard this one before. The reason security professionals keep banging the “update your systems drum” is actually quite simple – all systems and services have security bugs at some point, and updating them regularly means there are fewer security bugs for hackers to exploit.
Make backups of important data
At some point your business will have data it desperately needs to keep confidential. Such data usually comes in the form of customer information, intellectual property or sensitive business information. Either way, it’s good practice to back it up in case an incident such as a ransomware attack occurs.
Get Cyber Essentials accredited
The cyber essentials scheme was designed by the UK government to help smaller organisations implement basic security practices to help keep them secure from criminals. To become accredited means a cost of around £300 per year, which also gets your business £25,000 of cyber liability insurance.
Bear in mind that while cyber insurance is recommended, it won’t help your business with any reputational damage suffered by a breach. Additionally, you can only claim if you can prove you have implemented all the security practices. In this way, it’s similar to house contents insurance – did you lock the front door and windows?
Businesses can implement all the cyber essentials without paying the fee. The fee enables your business to be put on a publicly searchable register of accredited companies, and gain access to the insurance. The paid version also allows you to prove to your customers and stakeholders that you take security seriously – it may even give you a competitive advantage.
Whilst not an exhaustive list, these are decent starting points for startups. At Kloudwerk we always recommend doing the basics well. The basics often ensure your business is not the lowest hanging fruit and cyber criminals will go elsewhere.
If your business would like some tailored advice, or would like help becoming accredited for the Cyber Essentials scheme, get in touch with us here.
– We build an understanding of your organisation
– We develop a roadmap to address key risks
– We help you implement the required changes and keep your business protected on an ongoing basis.
Visit our Cyber Consultancy page for more information.