By: Damon Anderson, Director of Operations at Xero
Now that just about everything happens online, cyber security has taken on a new significance. Unfortunately, hackers and other nefarious actors have leapt at the opportunity of the pandemic, and cybercrime is on the rise.
According to government statistics, 39% of UK businesses have experienced a cyber security breach in the past year. Perhaps most alarmingly, a recent study found that malware attacks increased by 358% globally in 2020.
Small businesses can often feel immune to cybercrime. The reality is that in our increasingly digital world every business is vulnerable to it, no matter what their size.
Despite the risk, 80% of data breaches can actually be preventable. Businesses aren’t helpless when it comes to staying safe – there are simple, quick and effective steps you can take to deter cybercriminals and keep your data safe.
Use Multi-Factor Authentication
Verification technology like Multi-Factor Authentication (MFA) is already legally mandatory in Australia and it’s likely this will be rolled out in other countries soon.
MFA means that you have to present several pieces of evidence to gain access to a system. Just one easily guessed password can stop your business in its tracks, so MFA adds a second layer of security. This can have a massive impact on preventing hackers who may have illicitly gained access to your password.
The more factors that are required to gain access to a system, the more secure it is.
That’s why we’ve taken the proactive approach to make MFA mandatory for our customers across the world. It’s an essential step in keeping our customers’ data secure and we launched our own Xero Verify authentication app to make the process as simple and pain free as possible.
Beware of phishing
Given the relative complexity of modern security systems, it’s not unusual for the weakest link to be the people using them. That’s why hackers often employ social engineering and target unsuspecting people rather than exploiting software directly. By clicking on a suspicious email without realising it, you may be inadvertently giving access to hackers. These emails are part of an attack called “phishing.”
Fortunately, avoiding the bait is simple if you know what to look for. Be suspicious of emails from public domains like Gmail – business senders will almost always contact you from their company email address – and be sure that the domain name is spelt correctly. Hover over hyperlinks in the email to check where they’ll be taking you, and if the email is poorly written it’s best to be cautious.
Consider your password hygiene
We all know the importance of having complex passwords and changing them frequently, but doing these digital chores is another matter altogether. At the absolute least, change your passwords for essential services like your bank and Xero (things that could have a big impact if you lost control of them) every few months. Some people find it easier to use a password manager, which automatically generates and remembers complex passwords.
Keep your software and devices up to date
It can be frustrating when your phone or apps demand that you restart your device so they can update, but these updates are critical. As the developers become aware of flaws that hackers may exploit, they issue an update to “patch” it. Hackers look for people who are still using the older version with the security vulnerability might be higher – so click that “update” button.
Backup your data
Losing data is one of the worst things that can happen to a business, but it’s easy to prevent. Use backup services for data that you store locally and turn to cloud programmes like Xero to ensure that your data is secure.
Many cyber security professionals will tell you that the success of cyber security programmes come down to education. Simply put, the only guaranteed way to stay safe is to ensure that you and every member of your team understand its importance and are well-informed of new risks. Consider this free DCMS training from the government for you and your team to do regularly.
Implementing these simple steps is a great way to stay secure, and it will put you on the front foot when it comes to security.
You can learn more about our multi-factor Authentication here.