How start-ups can utilise IT to compete with the big boys — Part 3: Security, Business Continuity & Compliance
Over the past 2 weeks, our articles have looked at how start-ups and small businesses can utilise affordable IT solutions to compete with their largest rivals, covering ways to present a professional image (click to read part 1) and productivity and efficiency applications that can give even the smallest business access to the types of tools enjoyed by their enterprise competition (click to read part 2).
This week we are going to look at some of the IT security and business continuity options available to small businesses, to ensure not only that all of your hard work is protected but also how you can demonstrate this to potential clients, opening up the doors to new and lucrative opportunities.
When it comes to cyber-security for small businesses, you are best served to stick with the basics.
A good anti-virus solution (AV) is a must and you should ensure that it updated regularly, either by your staff or as a part of an IT support managed service. Similarly, you should employ a proven anti-spam solution if your email service is not bundled with one.
Another good policy is to make use of a Password Manager, ideally one with a “strong password generator” included, to track login credentials for your various online services, such as Microsoft 365 or your “cloud” accounts package, and so on.
You may wish to enable “2-factor authentication” where it is available, that requires any login attempt to be accompanied by a short PIN sent to you via a smartphone application usually. This is worthwhile for any online account that enables access to sensitive information, such as your financial records or customer details,
Lastly, you should ensure that all device passwords have been changed from their defaults or even consider replacing standard “hubs” that come with broadband services, with a more secure business-class device. Not only do these offer better security but will often improve the performance of your internet connection to boot.
A common misconception of those using online services is that they are backed-up as standard.
While it is true that most online services are provisioned from large datacentres with robust and resilient infrastructures, most do not offer a backup and recovery service as standard.
If you subscribe to Microsoft 365, or Google’s G-Suite, for example, and delete something by accident, you only have a limited time before that data is lost forever. Should that happen, no amount of vendor support can help you. Worse if you should fall victim to a cyber-attack, such as ransomware, where your files can be encrypted en masse.
It is a very good idea to employ a dedicated backup service, such as the unimaginatively named “Backup for Microsoft 365”, to ensure that your emails, calendars, contacts, OneDrive and SharePoint data is backed up each day and that you will have the ability to restore anything that might become lost.
Alongside this, it is worthwhile to protect your data that is stored locally on your physical devices. A simple, inexpensive workstation backup solution can provide this for you, so you can be confident that both your online and local data is safe and recoverable, should the worst happen.
Many entrepreneurs and founders of new businesses may consider compliance with a cyber-security standard to be unneeded, something that only larger organisations should consider. However, the introduction of the Cyber Essentials certification scheme can offer small businesses huge advantages and with minimal time and money investment.
The UK Government introduced Cyber Essentials to be a modern, practical take on cyber-security compliance. Rather than requiring continual assessment and revision, all that is required is that your IT infrastructure is set up to comply with sensible security requirements, things that every business in 2020 should do by default anyway.
Not only is compliance with Cyber Essentials proven to mitigate for up to 80% of all cyber-attacks it is also now a requirement of many organisations should you wish to work with them as a supplier or sub-contractor. This includes Government organisations as well as large companies working in the Automotive, Aerospace, Health, and Financial sectors.
In short, Cyber Essentials not only demonstrates that your business takes sensible precautions against cyber-crime but also allows you to bid for contracts and work that would otherwise be unavailable to you.
Want more advice? If you would like advice on IT for your small business or start-up, get in touch.