Cyber Best Practices for Small Businesses

Small businesses without full-time IT staff are often targeted by cybercriminals. While this can seem frightening, the good news is that by following cyber security best practices, we can stand tough against cybercrime.

What is cyber security?

View Options Again

The protection of computers, networks, and data from cyber attacks, data breaches, and other online threats. A way to restrict you from working freely. Websites that infect your computer with a virus. The use of security guards to protect people, assets, and facilities.

What is NOT a way to secure a small business against cyber attacks?

View Options Again

Use strong passwords and Multi-Factor Authentication (MFA). Create backups of your important information. Keep your systems up to date. Rely on your antivirus software to stop all threats.

Goals of cyber security

The goal of cyber security is all about enabling businesses to adopt digital technologies in a safe and secure way. Depending on your priorities, the following principles may apply.

Confidentiality refers to protecting the secrecy of information and systems. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent measures can then be implemented according to those categories.

Integrity refers to the measures taken to protect information from unauthorized alteration. These measures provide assurance in the accuracy and completeness of data. The need to protect information includes both data that is stored on systems and data that is transmitted between systems, such as email.

Availability refers to ensuring that authorized users have access to information and systems when they need them. This means protecting against attacks that can disrupt access or cause them to become unavailable. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.

What is Multi-Factor Authentication?

MFA is an authentication method that requires more than one verification factor to validate a user's identity by using something they have, know, or are.

This type of authentication factor requires the user to provide something that only they know, such as a password or a PIN. This is the most common type of authentication factor and is often used as the first layer of protection.

This type of authentication factor requires the user to have possession of something, such as a security token or a smartphone. This type of authentication factor can be used to provide an additional layer of security and can be especially useful for protecting against unauthorized access when the user is not physically present.

This type of authentication factor is based on the user's physical characteristics, such as their fingerprint, face, or voice. This type of authentication factor can be used to provide an additional layer of security and can be especially useful for protecting against unauthorized access when the user is not physically present.

What is an example of Multi-Factor Authentication?

View Options Again

Changing your passwords on a regular basis. Entering a password and receiving an SMS to verify your identity. Writing your secret information in a diary. Letting only one other person know your password.

Which of the following is NOT a type of cyber threat small businesses might face?

View Options Again

Malware and ransomware. Unsecured networks. Phishing scams. Natural disasters.

Education is key when securing your business from cyber attacks.

Employees can be the first and last line of defense against cyber threats. It's important to make sure you know about the threats you could face and the role you play in keeping the business safe.

Cyber awareness involves being mindful of cybersecurity in day-to-day situations. Be aware of the dangers of browsing the web, be aware of email scams, and remain cautious when downloading files and clicking on links. Thinking before you act.

Cybersecurity education is important because it helps individuals understand how to protect themselves while browsing the internet and becoming experts at spotting the phish. Armed with this knowledge, you can become a barrier of defense for your company against potential threats.

It is important to have clear policies in place that outline the acceptable use of company resources. An example of a policy is what app you use to communicate within your organization so that way you know if someone messages you on a different app, your guard will already be up. This policy would make it easier to spot the fish or detect the scam.

Is the following statement True or False:
It is my company's responsibility to make sure I don't receive or click on suspicious emails.

View Options Again

True False

Learn how to spot the phish

Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.

Compose

Folders

Inbox 6
Starred
Draft 3
Sent Mail
Spam
Trash

[URGENT] Claim Your Work From Home Set-Up Payment

Human Resources ( human-resources@webnotifications.net )to john.doe@mybusiness.com

Dear John,

Claim Your Work From Home Set-Up Payment

Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of $1500.00 USD to ensure that you have a suitable home working set-up.

To receive the payment via payroll, you will need to complete this acknowledgement form .

For more information on how to set up your home office space safely, please look at the:
https://www.workingfromhome.hr/arragements/concur/apps/track

Thank you,
The Human Resources Team

***This is an automatically generated email, please do not reply***

What can I do as an individual to do my bit to secure my employer?

View Options Again

Make sure I don't use my personal phone during work hours. Always listen to what my boss says. Learn to spot phishing emails and report them to my IT team. Make sure I only open emails from people I know personally.

Protecting your company from cyber criminals is a team effort.

We each need to do our bit to ensure we're following cyber security best practices and reduce the risk of a successful cyber attack!

Cyber Best Practices for Small Businesses

What is cyber security?

What is NOT a way to secure a small business against cyber attacks?

Goals of cyber security

What is Multi-Factor Authentication?

What is an example of Multi-Factor Authentication?

Which of the following is NOT a type of cyber threat small businesses might face?

Education is key when securing your business from cyber attacks.

Is the following statement True or False: It is my company's responsibility to make sure I don't receive or click on suspicious emails.

Learn how to spot the phish

What can I do as an individual to do my bit to secure my employer?

Protecting your company from cyber criminals is a team effort.

Is the following statement True or False:
It is my company's responsibility to make sure I don't receive or click on suspicious emails.