From malware to phishing and from hacking to theft of data storage devices, the risks of falling victim to a security gap are continually growing, writes Anton van Heerden, executive vice-pesident for Sage Africa & Middle East.
If you are an African entrepreneur, you must prepare yourself to compete in the digital economy by protecting your business from cyber-crime.
According to the 2016 Cyber Security Report from Serianu, Kenyan organisations are losing around Sh17.5 billion a year to cyber-crime – a dramatic increase from Sh15 billion in last year’s report. In South Africa, according to international research from Kaspersky Lab and B2B International, over half (53%) of the respondents have come across or been targeted by malware.
The consequences of falling victim to an information security gap can be severe, including legal liability, financial losses, irreparable damage to customer’s trust in your business, and loss of confidential company data.
Here are some ways you can protect your business by following some basic good practices:
* Trust the cloud: Cloud computing can be more secure than traditional IT. Established cloud suppliers invest vast amounts of money into securing their applications and have technology infrastructures beyond the means of any small business. Thus, the cloud provider is better equipped to handle malware, hackers, DDOS attacks, and all the common cybercrime threats and nuisances of the information age. There’s also less risk of losing data stored on a laptop or a USB stick because everything is stored in the cloud and not on devices that could be lost or stolen. Cloud allows customers to control their business from wherever they are. For businesses to be able to improve their security and integrity of their data is highly important in a world where cybercrime is slowly taking over.
* Educate your end-users about the basics of information security: For example, make sure they know why they need to choose strong passwords and that they are alert to the dangers of phishing emails designed to persuade them to give their log-in details to people with criminal intentions.
* Install antivirus and anti-malware software on your laptops and desktop computers: Keep it up to date with the latest software to ensure that your data and applications are always protected.
* Get serious about mobile security: Lock your device behind a PIN code or password when not in use so hackers or thieves can’t access your data. Also, most mobile devices today allow you to track their location or remotely wipe data. It’s a good idea to enable this functionality in case the device goes missing.
* Keep software up to date with security patches: When it comes to desktops and notebooks, be sure to keep your operating systems and browsers up to date with the latest security patches.
* Where your cloud provider allows it, enable two-factor authentication: For example, you could set your account up to ask for a code sent to you by SMS when you log in or use a fingerprint in addition to a password.
* Be careful about where you log into cloud services: Be wary of unsecured public WiFi networks.
* Enforce strong passwords and keep them secret: Cloud services can usually be accessed through any device connected to the public network. You will authenticate yourself to the service with a username and password. Protect yourself by choosing a strong password that is difficult to guess, but easy for you to remember. Don’t use the same password on multiple accounts. Use a password of at least 16 characters including at least one number, one uppercase letter and a special symbol. It is also better to avoid the names of family, friends or pets.