No business, whether large or small, can afford to ignore cybersecurity, and the pressure to protect businesses is mounting as cybercriminals hone their skills to target a company’s weakest points.

While bigger corporations generally have large IT departments to respond to evolving threats such as crypto-jacking and ransomware attacks, small and medium-sized enterprises (SMEs) don’t have these huge IT teams to protect them, writes Carey van Vlaanderen, CEO at ESET South Africa.

Cybersecurity needn’t be a daunting challenge for small business owners, and there are several key steps that can be taken to significantly reduce the chances of your business becoming a victim of cybercrime.

These steps can save your business time, money and even your reputation. Moreover, SMEs that manage their cybersecurity effectively will have a competitive advantage in today’s online and interactive world.

Back up your data

It is imperative that in the digital age, businesses are making data backup and protection a high priority. It’s important to think about how much your business relies on data, whether that’s customer information, quotes, orders or payment details – all can be considered critical.

All SMEs need to ensure that they are making backups of their data, and that these are done regularly and can be restored. The backups should always be kept separate from your computer. This is so the business can keep functioning if anything bad does happen. Furthermore, if you have backups of your data that you can quickly recover, you can’t be blackmailed through ransomware attacks.

It is worth considering storing the backups in the cloud – as well as being separate from your computer, it is also often a cheaper solution for SMEs. This is because cloud providers supply your organisation with data storage and web services without you needing to invest in expensive hardware up front.

Keep your devices safe

Mobile technology is now an essential part of any modern business, with more of our data being stored on tablets and smartphones. However, it’s a regular occurrence in businesses that devices go missing, get lost or get stolen, and many of these devices contain important data too.

To protect this information, all employees should be encouraged to use a suitably complex PIN or password to secure their device. Ideally you should ensure all lost or stolen devices can be tracked, locked or wiped remotely.

On top of that, all devices should always have their software kept up to date as manufacturers often include security updates to keep devices protected.

Use strong passwords

As mentioned above, all employees should use password protection on their devices. Passwords, when implemented correctly, are a free, easy and effective way to prevent unauthorised users from accessing devices. Use two-factor authentication (2FA) on your important accounts such as email and account management dashboards. This means that even if an attacker knows your passwords, they still won’t be able to access that account.

Protect yourself from malware and phishing attacks

Malware (malicious software) is software intended to infiltrate and damage or disable computers and can often be distributed through phishing attacks in which scammers send fake emails asking for sensitive information or containing links to bad websites.

The first step in protecting your business from malware and phishing attacks is ensuring that all employees always exercise caution before opening any attachments, clicking on links in emails or visiting unfamiliar websites.

The second is ensuring that your software is up to date and that all relevant protection is applied. Finally, all SMEs should run antivirus and intrusion detection software, which can determine when an infection is about to take place and prevent it.