It seems like cyber attacks are everywhere in the news at the moment with Sony being one of the high profile targets. But it’s not just the business giants that need to formulate plans to thwart the hackers. In fact, new research will show that 9 in 10 SME’s have said that cybercrime is their top business concern.
The British Standards Institute have done a study into the issue and are due to publish their results this month. The institute has therefore produced Kitemark for Secure Digital Transactions to help SME’s. They understand that they can be easy targets for cyber criminals as they transact online but can lack the kind of in-depth support a large organisation would have.
They advise SME’s to secure their payment systems, showing customers they take security seriously. Toni Jones of BSI says “It’s a simple step for businesses to take and can start them on a journey in which they might seek to become certified under our Cyber Essentials scheme, which can show their customers and other companies in their supply chain that they’re a trustworthy, secure partner to do business with.”
Ensuring your IT systems and website are secure is very important as well as educating staff. If you are making lots of payments online you will still need protection against malware that will try and sit on your systems and steal small amounts and teaching staff to recognise common tactics such as phishing (trying to trick an employee to click on a fake link).
If you decide to transact through a website of your own design you need to be aware of the simplest form of attack, this is what is known as a Structured Query Language (SQL) attack which is where a hacker can put a code query in a box on the site and steal information. It is frightening easy and accounts for thousands of successful attacks each day.
So take note of these 3 lessons that have been learned the hard way;
- Secure Passwords – The Sony hack was made a lot easier by their passwords reportedly being hidden in a file directory called ‘password’. Make sure you pick strong passwords and don’t keep your list of passwords in an obviously named place!
- Mobile Matters – Mobile sites are often under-protected. Moonpig has been embarrassed by a flaw that allows customers logging in to bring up other account holders’ details. Don’t forget to protect your mobile site too.
- Don’t Go Phishing – The most common technique to place malware are emails which invite the recipient to click on a link. These so-called phishing emails can be very realistic and even caused the Washington Post to be hacked recently. Train your employees to never click on a link from someone they are not expecting to receive a link from.
If you want us to connect you with our IT partner, get in touch.