In 2017, Aberdeen City and Shire was top region in Scotland for new business start-ups after breaking the record for a second year.
Delivering Business Gateway services across Aberdeen City and Shire, Elevator helped a total of 1,302 start-ups in that financial year with around 70 new businesses having been set up by those who have faced redundancy from the oil and gas sector.
It’s great to see this level of innovation and business confidence but as well as thinking about first premises, new employees and customers, cybersecurity should be a priority righty from the start among start-ups.
Whether working in food and drink or event management, each has the potential to be a target for cybercriminals and it’s essential that cybersecurity measures are put in place to protect yourself, your fledgling organisation and your customers.
The Department for Digital, Culture, Media and Sport's 'Cyber Security Breaches Survey 2017' reported that just under half (46%) of all businesses have identified at least one cyber security breach or attack in the last 12 months.
This figure was 38% among micro-firms, rising to 52% among small firms and 66% in medium firms.
So, in small or medium-sized enterprise (SME) then there’s around a 1 in 2 chance that you’ll experience a cyber security breach which could result in costs of around £1,400.
Cybersecurity can seem daunting at first, especially if it’s an unfamiliar area. But there are simple measures you can take to improving your security position relevant not only for new starts but SMEs too.
Protect intellectual property and encrypt data
Do you have a business idea that’s set to change the world? What would happen if a competitor or a malicious threat actor gained access to it? It could be the end. Therefore, you need to protect it.
It may be a business idea, a new product or process, or a blossoming client list. Be sure to ensure it’s secure and that you’ve put robust security measures in place around it. Passwords, firewalls, access privilege rights, segregated networks can all help ensure your secrets remain just that.
Data encryption is also key, both in transit and at rest. By encrypting key data it means that, if the worst was to happen, the data extracted by hackers would be useless.
HTTPS and VPN
Many startups and freelancers use shared work spaces, or work from coffee shops to make use of the facilities, especially the Wi-Fi. But how do you know if your connection is truly secure?
Ensuring connection via HTTPS is one way and many browsers will now alert you to the fact that a site may be insecure. If not, you need to look out for the green secure padlock in the URL address bar. The same applies to mobile sites too.
You also need to be wary of evil twin attacks; this is where an attacker can mimic a legitimate wi-fi, say from a coffee shop or an office, and once a victim connects they can alter traffic to collect personal details. They could even set up an official-looking login page on entry, to try and con users into sharing their login credentials. If you spot similarly named wi-fi networks, you need to alert whoever looks in charge.
By using a Virtual Private Network (VPN) you add a layer of encryption to your connection and prevent attackers from being able to access your information.
Password Management
Using the same password and email address across many different websites is never a good idea: if one channel was to be breached, attackers could use the information gathered to access further accounts, as well as your business network.
This is particularly true if you use the same passwords for your work or personal computer, as attackers with stolen login credentials could access personal files as well as any critical business files you may have.
Strong passwords are essential and you should ideally have individual passwords for each account you set up. We recommend using a password manager to help keep track of these.
Regular updates
Nobody likes updating software: it takes time away from other, more pressing matters and it’s tempting to hit the remind me later button. But putting off updates makes you increasingly vulnerable to attack.
New updates carry with them vital security patches, allowing you to stay protected against the latest and most serious threats. Cyber-criminals know this, and once an update is released they are becoming increasingly adept at reverse engineering the updates, finding the vulnerabilities and launching attacks against those who have yet to update their systems.
What used to take months in terms of this reverse engineering process now takes days, and the time from update to attack is getting shorter all the time. We no longer live in a world where you can put security updates off.
Falling victim to cybercrime can be devastating for your business, and when you consider that SMEs make up 99.9% of Britain's 5.5 million private sector businesses, it represents a real threat to the whole of the UK economy.
Remember, businesses like Clark IT are here to provide expertise and support around all IT services and as an SME ourselves, understand your specific needs and requirements better than most.