1. Cyber crooks are increasingly targeting small businesses which lack the security expertise, data protection and response tools that large companies have at their disposal. Check your current insurance documents to ensure your business needs are cover- ed.
2. SMEs may be tempted to cut back on anti-virus software, however with businesses increasingly relying on email and the internet, the potential damage from malicious ‘cyber’ attacks has risen dramatically. Review IT systems and ensure anti-virus software is updated regularly.
3. Conduct a cyber crime risk assessment to identify weak points in security. Most SMEs do not have the resources to continuously monitor for breaches, so tightening processes before a cyber attack happens will save time and money.
4. The majority of SMEs don’t have an in-house lawyer or IT specialist to fall back on so it’s important to provide all employees (and yourself) with training to highlight ways to improve data security.
5. Many companies hold personal information of their clients and disclosure of this through hacking or lost laptops may breach data protection law, resulting in costly legal action. Make time to prioritise cyber crime and ensure your employees are aware of their responsibility to protect client data.
6. Consider designating one computer for online banking and storing client information and ban web surfing or email on that machine which could expose the computer to malware.
7. Many SMEs do not upgrade their computer systems as often as bigger businesses. It’s worth investing in up-to-date machines with better security as the initial outlay will be far less than the cost to your business in the event of a security breach.
8. Cloud computing has become an increasingly mainstream feature of many businesses, however SMEs must ensure they have a clear understanding of the risks and potential liabilities involved.
9. It’s worth researching which insurer will best serve your needs as there are policies available to suit particular areas such as breach of network security.
10. Bear in mind that the MoJ has authorised the Information Commissioners Office (ICO) to levy fines up to £500,000 for losing customer data.