In light of what’s happening with Russia and Ukraine, advice from the National Cyber Security Centre is urging ‘organisations in the UK to bolster their online defences’ against cyber-attacks.
Although currently there is no direct threat to the UK, cyber attacks have been used in the past by Russia and could be used again.
So, what does this mean for UK businesses?
It means that now is the time to make sure your cyber security measures are in place.
Points to implement
- Patching – Ensure you are running the latest version of your operating system on all your devices along with up to date third party software and apps. Your IT support company may be responsible for ensuring everything is up to date. If they do not do this for you, you may want to check automatic updates are switched on where possible.
- Multi-factor authentication (MFA) – Switch on MFA to add an extra layer of security. On sign in you will be requested to provide, in addition to your password, a one-time password (OTP). This is often either sent by email or text and once used, is useless. Some methods, instead, require you to confirm login from an app on your device. MFA ensures that even if someone does gain access to your password they still won’t be able to log into your account without the additional verification.
- Password manager – A password manager is a piece of software that stores all your passwords. Passwords in a password manager are kept safe and secure as the data is encrypted. The software can generate long random passwords for you, remember them, and fill in the login boxes automatically, making life easier. This saves you remembering lots of different passwords and stops you using similar easy to guess passwords. You only have one master password to remember, and it is protected by Multi-Factor Authentication so is a very safe and easy solution.
- Anti-Virus software – Make sure that you have anti-virus software on each of your devices, and that this software is always kept up-to-date. This will provide a level of protection against anything the software sees as malicious.
- Backups – Backups are essential for all businesses, giving you peace of mind that in the event of you losing your data or suffering a ransomware attack, it can be restored. It won’t be helpful though, if the last backup you made was last year so ensure you are making regular data backups, and that you also have an offline copy.
- Employee awareness – Don’t allow your employees to become complacent. Remind everyone of your processes and keep them up to date with current methods used by hackers. Make sure staff receive the necessary training so they are aware of how to identify and report scams and phishing emails.
To read the full NCSC guidance to help reduce risk click here
If you need help with your cyber security, are interested in an audit to spot potential areas where you can improve, or require employee security training, please get in touch.