person near apple keyboard and cup with coffee beans

Protect your business from cybercrime

Posted by on | Featured

Protect your business from cybercrime

person near apple keyboard and cup with coffee beans

Is it time for an IT review?

For many people starting their own business, especially small businesses, they usually know an IT person. A person who can set them up with a Microsoft business account on their home laptop. If this sounds like your business IT setup, then read on. 

At the end of March, I attended a cyber resilience session hosted by IT Works and presented by Outfox. It was a very interesting and engaging session that provided a fantastic introduction to cyber resilience and awareness. After attending the session, I started thinking about how a blog about this topic would be helpful for sole traders.

If you are interested, you can complete a free Cyber Health Check with Outfox to see how your business stands up to cyber risk.

What damage does cybercrime cause?

In 2015, it was predicted that by 2020 cybercrime would cause losses of approximately 5 trillion dollars worldwide. This prediction increased to 10.5 trillion dollars by 2025. However, thanks to a bumper year in 2023, cybercriminals stole 12 trillion dollars. At the start of this year, the World Economic Forum has upgraded their predictions and believe that by 2027 cybercrime will cost the world 23.4 trillion in lost GDP.  It would appear that cybercrime is a problem. 

Cybercrime is advancing technologically at an exponential rate. To mitigate those advances, awareness of cyber breach methods can help significantly reduce the risk of attack. The consequences of a breach are multiple, such as: 

  • Loss of reputation and confidence in the business 
  • Regulatory penalties and breach notification expenses 
  • Loss of sensitive/confidential data 
  • Downtime for investigation, cause, and implementing repair 
  • Restoration costs 
  • Hardware damages 
  • Loss of digital assets and IP 

Will I be targeted?

Some may assume that cyber criminals target big organisations and government departments directly. However, an easier approach is to target a family member, friend or colleague who doesn’t work in the organisation. Access can occur instead through a backdoor approach using this method, by using a much less secure network to piggyback in through an unsuspecting email or insufficiently protected remote connection.

Not all cyber criminals aim for large organisations. Why go for organisations that have multiple levels of security? It is much easier to access a small business with potentially minimal security and target their invoicing system or blackmail them with stolen data or client harassment.

Cyber threats are much more likely to succeed if the person using the IT system and devices is unfamiliar with the risks.

 

DO YOU KNOW HOW TO RECOGNISE A BREACH?

  • Are your devices acting differently, taking longer than normal to open tabs, run software, etc.? 
  • Have you noticed suspicious and/or unusual sign-in attempts?
  • Have you noticed unusual email activity such as deletion, forwarding, etc.? 
  • Have you clicked on any suspicious links asking for login details and provided those details? 
  • Have you checked your credit record lately for signs of identity theft?  

 

DO YOU KNOW WHAT DO DO IN THE EVENT OF A BREACH?

  • What will you tell your clients, suppliers, etc.?
  • How will you replace your hardware?
  • Do you have your data backed up ready to reinstall?
  • Do you know how to tell when the breach happened – hackers can be on your network for some time before they launch a visible attack. If you reinstall a backup, you must be confident that it was from before the hacker entered your systems. Otherwise, you could just cause the same problem to occur again.

Passwords are like underwear. Don’t let people see it, change it very often, and you shouldn’t share it with strangers.

Chris Pirillo

How do I keep my devices and accounts safe?

⁉️ Do you maintain strict password discipline such as: 

  • Suitable password length and complexity, i.e. a minimum of 14 characters and a passphrase that only you can remember, e.g. Thed0g1swhite&dumb.
  • Different passwords for each account you need to access?
  • Updating passwords regularly?
  • Not sharing login details with others?
  • The use of MFA, SSO, passkeys, password managers? 

 

Check out these ownyouronline.govt.nz links below for more help:

 

⁉️ Do you have your IT system setup so that:

  • Your devices are regularly updated with the latest operating system versions?
  • Have automatic updates turned on?
  • Have a comprehensive backup plan? (Microsoft OneDrive and Google Drive are not backup systems, they are collaboration platforms.)
  • You use a Microsoft Premium business account rather than Standard to give you greater protection against cyber threats? 
  • You can remote wipe your devices in the event of theft?
  • You have BitLocker encryption on your laptop, so if it is stolen, your files can’t be accessed?
  • Your social media settings are set to private, and you don’t put too much personal information on your accounts.

 

⁉️ Have you undertaken cyber awareness training so that:

  • You can recognise scams, hacks, phishing attacks, etc.?
  • You are wary of invoices sent out of context or in a different format from normal (i.e. sent direct from an email address rather than the usual accounting software)?
  • You check the details of email addresses – the spelling is correct; the domain name is valid (@govt.nz for example). 
  • You recognise unusual patterns regarding email activity, such as work emails sent to an alternate email address, e.g., your personal email address?
  • You recognise suspicious links asking for updates to login details?

 

⁉️ If you work from a home office do you:

  • Still use the password your home Wi-Fi router came with? Change it. 
  • Use personal devices for work? Downloading free games can increase the risk to your devices and home network; this goes for others using devices that all share the same Wi-Fi network. 
  • Provide your home Wi-Fi details to visitors regularly? If you don’t know what they are downloading or playing on their devices, this also increases the risk of exposing your network to breaches. 
  • Use a lot of smart tech – smart fridge, doorbell, etc.? Do you know the country of manufacture? Paying for a cheaper alternative could increase the risk of exposing your home network to a breach or increased risk of information theft.

 

⁉️ If you travel a lot for work then: 

  • Don’t use available free Wi-Fi, use a hotspot instead. 
  • Be wary of hotel guest Wi-Fi and safes.
  • Know how secure your clients/suppliers’ Wi-Fi connection is before accessing.
  • Be wary of airport charging stations for your devices.
  • Don’t let your devices out of sight whenever possible.

 

And finally…going on holiday?

  • Leave your work devices at home. If you use your mobile to check emails, you can temporarily remove your mailbox from your phone and put it back on when you return. It is a holiday after all 😀

How can freemeup help?

Freemeup has joined forces with the experts at IT Works to provide you with a comprehensive suite of packages that reduce the risk of cyber threats by providing: 

💻 Microsoft 365 Business Premium License – access to essential tools like Teams, Word, Excel, and Outlook. Plus, seamless syncing of bookmarks and search history with Microsoft Edge.

💻 Advanced cyberthreat protection and device management capabilities which are not provided with the Microsoft 365 Business Standard license.

💻 1 TB of cloud file storage through OneDrive and the option to use SharePoint for organised and collaborative file storage. 

💻 Advanced Endpoint Protection with Microsoft Defender for Business, delivering comprehensive antivirus, malware protection, and more for your devices. 

💻 Comprehensive Backup Solutions – off-site backup services encompassing your Microsoft account, email, OneDrive, SharePoint, Teams, AND your desktop and My Documents folders.

💻 The option to enroll in Microsoft 365 Azure, providing benefits such as ensuring the configuration of the above services is automatically deployed to your device.

💻 Business continuity setup – offsite backup and reinstallation of data if needed, plus free use of a loan device while you wait for your replacement device to arrive.

💻 Device and account monitoring to reduce the risk of cyber attacks.

💻 The option to join a free online cyber resilience session and a basic IT review to see how your business stands up to cyber risk.

💻 BitLocker encryption key storage and remote wiping if your device gets stolen. 

💻 A dedicated freemeup email address. Existing business mailboxes can also be added to the freemeup account.

💻 Document templates so you can start sending out letters, reports, and more straight away.  

💻 A working hours support desk for when you need help – setting up SharePoint sites, inviting users, or any other questions or concerns you have.

💻 Removal and return of all data, including emails, in the event you cancel the Technology service.

💻 All this for just 1% (plus GST) of your income.

*Service Agreement applies

So, why not take advantage of all the hard work we have done? You can be up and running faster, doing the work you love, and not worrying about sorting out your tech stuff! 

Technology – freemeup

Disclaimer: All content provided on freemeup.nz is for informational purposes only and is intended a a general information resource regarding the matters covered. It is not tailored to cover specific situations and circumstances and shouldn’t be taken as direct professional advice. Freemeup makes no representations to the accuracy or completeness of the information found on this site or found by following any links on this site and will not be held liable for any losses, injuries, or damages from the use of this information. 

More
Articles