It has never been a more important time for small business to ‘go digital’. The digital world offers access to new markets, easier compliance with administrative tasks and the prospect of improved payment times.
We’ve found that where a business is fully digitalised, it’s 30% more likely to be in the fast-growing part of the small to medium-sized enterprise sector – it’s also much more likely to employ staff.
To engage digitally, it’s important to start with a clear digital strategy on how you will trade and market online (including social media) and the systems you can use to support your business. Although the ‘front end’ of trade and marketing is the exciting part that opens up new opportunities, the ‘back end’ is the one that does the heavy lifting and has the potential to provide real business efficiencies, especially in terms of costs and compliance time reduction. The back end includes invoicing, payment, accounting, regulatory compliance and other systems.
The back end also necessarily involves security to protect businesses against cyber attacks. Heard of hacking, ransomware and identity theft? These are real threats to business, but there are ways you can prepare for these attacks while still conducting business online. By recognising that the threat is real, and taking some small steps, you can avoid living in fear of attack and fully embrace the opportunities the internet offers.
Protecting your e-business
Typically speaking, small businesses do not have cyber security experts working for them or a plan on how to protect their online systems. The Small Business and Family Enterprise Ombudsman’s free The small business cyber security best practice guide
lists simple, but effective steps that any small business can take to keep safe online.
The guide includes how to evaluate your online presence and risks you face, how to make your accounts more secure and what to do if you are the target of a cyber attack. A key to being cyber secure is ensuring that everyone in your business is on board and has the confidence and understanding to adopt approaches to keep your business safe.
So, what are the three key steps to staying safe online that every small business can take?
Step 1: Know your risk
Remaining safe online can be achieved if you manage the risk of conducting business over the internet. Training and education for you – and your staff – about the risks of operating online will save your business time, effort and money in the long run.
One of the easiest ways to do this is by ensuring you have simple systems in place (like regular back-ups and updated passwords, firewalls and point-of-sale security). There is even an alert service to keep you up to date and information on how to tailor a response plan for your business if anything does go wrong.
Step 2: Keep current
Once you have your systems in place, it’s then really important to keep those systems up-to-date. A recent survey shows that 87% of small businesses believe antivirus software alone is enough to keep them safe. This is not true.
Due to the changing nature of cyber attacks and small businesses becoming a more popular target, relying on a single cyber security prevention measure is similar to only having a latch on your front door without any other prevention measures.
Keeping all your systems up to date with the latest security and other patches is critical. Spend an extra minute, say, each time you make a pay run, to check for system updates.
Step 3: Recognise how easy it is to know your risk, keep current and take some simple steps
Keeping software updated and regularly changing your passwords is a straightforward and quick job. You can also set up your IT systems to update automatically each fortnight which gives your business a fighting chance at being protected from online threats. Think about the online world as an extension of your physical operations and bring it into your regular operating model.
Another tip is to limit the personal details you share about yourself online, as some cyber criminals will use this information to help them break into your business or use it to impersonate you to a client, service provider or friend. We’ve heard more than one story of business email accounts being hacked and criminals impersonating staff to request unusual money transfers.
In these situations the emails looked real, but the businesses were aware of impersonation scams and took some easy steps to check before making a payment (such as making a quick phone call to confirm given the unusual circumstances).Image Source: Getty Images