During this year's Stay Smart Online Week, small businesses are being asked to think about what they share or store online – and what it would mean if it was lost or stolen.
Cyber criminals take advantage of the fact that businesses store sensitive information online. Attacks on your online systems can be commercially and financially devastating to your business, your suppliers, your contractors and your customers.
You can protect your business by taking steps to secure your online data.
Your domain name
Cyber criminals use a range of techniques to intercept or redirect traffic and data intended for your website. Your website could be defaced, used to host or distribute malware, targeted for theft, your emails hijacked, customer data lost, or credit card information stolen.
Keep your domain name registration information secure by following these tips:
- use strong administrator passwords
- limit access to your domain registration account
- use a restricted or private email account to administer your domain registration
- keep your registration and contact details up-to-date
- monitor your domain and registration.
Your website hosting provider should offer good security and transparent, upfront information about how they address concerns such as:
- maintenance—do they keep software updated on your host servers
- backup—how do they back up your site and how will they restore it in the event of problems or disasters
- shared hosting—which other websites and services share host infrastructure with your website
- security features—does the hosting support up-to-date security protocols used for transferring data, such as Secure File Transfer Protocol (SFTP) and Secure Sockets Layer (SSL) encryption
- eCommerce—do they provide secure services for transactions or other sensitive data as a priority.
Point of sale systems
Hackers target point of sale (POS) systems because they’re often neglected and offer direct access to payment data. Make sure you:
- keep your POS software up-to-date
- use security software including firewalls and antivirus detection
- minimise POS access to the internet
- disable remote access.
Many cyber-attacks are initiated through communications systems – phone networks, email and messaging services.
Use reputable, up-to-date security software to reduce your risks of being affected by these types of threats.
Education and awareness
The weakest link in security is people.
Invest time in staff training and awareness to help reduce risky online behaviour and reduce the chances of scams and social engineering attacks affecting your business.
The online security measures you take today can not only help protect your business from existing threats but also from threats that are yet to emerge.
The Australian Government’s Stay Smart Online website offers advice to small businesses and other Australians about being secure and safe online.
Stay Smart Online, in collaboration with Australia Post, Australia and New Zealand Banking Group Limited, Commonwealth Bank, National Australia Bank, Westpac and Telstra, has developed the Small Business Guide to help you put in place some basic online security practices.
Scamwatch is proud to support Stay Smart Online Week (12 - 16 October 2015) – an initiative of the Department of Communications and the Arts.