Business websites are today’s high-street shop window, with social media helping to raise brand awareness and direct traffic in the way that billboards and direct marketing continues to for physical stores.
The Office for National Statistics reported that about 57% of small businesses in the United Kingdom use social media for marketing purposes.
But what would happen if your storefront was taken over, your customer book stolen, the window display changed to abusive messages and the door locked so that you couldn’t get in to change it back? In the physical world this would confuse your regular customers, maybe losing trust with theft of their data, as well as deterring new people from doing business with you.
The online world is no different. What would you do if your social media account was taken over, the password changed so you couldn’t get access, explicit messages sent to your customers and their records encrypted or stolen?
In the Eastern region, 121 business reported social media or email hacks to Action Fraud in 2020, with reported losses of £308.2k. Limited companies being the most affected, followed by sole traders indicating that business size is not always a consideration for cyber criminals.
Here are some recommendations for keeping your digital keys to your storefront as safe as the physical ones.
Use unique passwords for each account – use a password manager if you can’t remember them all
Ensure you have 2-factor authentication on all your social media, email and web hosting/domain accounts – that way even if your password is leaked, cyber criminals still shouldn’t have access. For the verification, use an authenticator app rather than email or text, as it’s offers greater security
Does your website provide easy access to criminals in terms of known vulnerabilities? This is a weakness or misconfiguration in a website or web application code that allows an attacker to gain some level of control of the site, and possibly the hosting server. Most vulnerabilities are exploited through automated means, such as vulnerability scanners and botnets.
Consider the ‘what if’ and have a business continuity plan (BCP). A BCP is an outline of your business strategies to ensure continued productivity, minimal damage, and quick recovery during an emergency (and losing control of your digital shop window and a data breach is definitely counted as an emergency).
The National Cyber Security Centre (NCSC) has put together this handy video, bitesize guide on how to prepare your response to cyber-related incident.
The ECRC is here to connect with business owners and decision makers looking for ways to improve cyber resilience in an accessible way. Our services include:
A cyber business continuity exercise – this is a practical, scenario-based exercise tailored to your organisation to test your business continuity plan and recovery
Web application vulnerability assessment – how secure is your website? Does it contain vulnerabilities just waiting to be exploited? Our assessments can help identify these weaknesses so you can fix them.
Cyber Alarm - the Police CyberAlarm acts as a ‘CCTV camera’ monitoring the traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. The data collected by the system does not contain any content of the traffic. The system is designed to protect personal data, trade secrets and intellectual property.
For more details on any of these services or to speak with the team, please contact us and let us know how we can help.
Commentaires