As we sing out 2022 and ring in the new year, we are going to need to be even more vigilant when it comes to our cybersecurity. Make no mistake, regardless of the size of your business and whatever industry you are in, there are people out there looking to take advantage of any vulnerability you have. So, let’s start the year right with 5 quick and easy things you can do to help make sure you are ready for a cybersafe 2023.
- Should ‘Auld Acquaintance’ still have access?
Once someone leaves your business, regardless of how much you trust them, make sure they don’t continue to have access to any systems. You would be amazed how often we see active logins for ex-employees. This is not a trust thing, they are not necessarily a threat themselves (although they can be) it is about where that information is stored and where the device it is stored on could end up.
- Should things ‘Be forgot’
Yes, defiantly if they need to be. Remember to clear out and delete any data that you should not be holding on to. It may seem like a chore, and even a pointless one, but getting rid of old customer data, tidying up your email lists and other dead data is important because if you don’t could be outside GDPR.
- And never brought as BYOD, unless you allow it.
Make January a review point for your policy on Bring Your Own Device and mobile devices. These can hold important information and therefore need to be part of your security and GDPR compliance policy. You need a clear strategy on what devices can be used and how they can be used. Something as simple as storing a client’s data locally on a tablet could be a huge problem.
- We’ll take a cup of training for the sake of security.
Security problems often start with employees making simple errors because they were not fully aware of what was required of them. If you make sure all your employees are cybersecurity aware and understand the role, they play in GDPR compliance, you will go a long way towards staying safe in 2023.
- For the sake of safe online.
Unless your virus protection is up to date it is a security risk. That includes firewalls and encrypted areas. Why not do an audit of who has access to what areas of your system from remote locations at the same time? Do they all really need to be able to get into everything area and the data they can access? The best policy is always one of limited access only.
Ok, I think we have pushed the ‘Auld Lang Syne’ lyrics thing to breaking point, but it is vital that you bring your security and GDPR compliance up to date ready for 2022. Nobody fully understands the true extent of cybersecurity issues for SMEs but a number we do know is that just under 40% of businesses in the UK have been attacked.
Call us if you have any questions or would like to discuss training for you and your team. Together we can make 2023 the safest year ever.
