In a growing business, everyone has a role to play in driving success – and that includes cyber security. The best-run SMEs take IT threats seriously, and ensure your whole workforce contributes to reducing risk. But are the measures you’ve got in place enough to fully protect your company from cybercriminals?
To help you understand how cyber savvy your team is, and take steps to become more IT secure, take our quick 12-question quiz – you’ll have an answer in less than 3-minutes!
For ore about How to run your business securely – inside and outside the office, DOWNLOAD OUR PRACTICAL GUIDE FOR SMEs. It’s packed with valuable information and free tools.
Q1: What kind of technology does your team use to do their job?
A – company-issued computers, smartphones and other digital devices
B – a combination of company-issued tech and their own devices
C – their personal computers and smartphones
Q2: What happens if someone wants to connect their personal smartphone, smart watch, tablet or laptop to the work Wi-Fi/company network?
A – they speak to our IT support service about following the correct guidelines
B – they connect themselves but let us know first, and install company security software
C – they just connect their device, no questions asked
Q3: How do your team access, save and share files?
A – through our secure cloud server
B – mostly through the cloud, but sometimes they save things to their desktop
C – they save most documents to their own computer and share them as attachments
Q4: What rules do you have in place for creating work passwords?
A – we regularly remind team members to make sure their passwords are 8-10 characters long and include a mix of lower/upper case letters, numbers and special characters. It’s written into our IT policy
B – we’ve written into our IT policy that passwords should be 8-10 characters long and include a mix of lower/upper case letters, numbers and special characters, but we don’t remind staff
C – we don’t have any rules for creating work passwords
Q5: How often do your team change their work passwords?
A – every 90 days; we have set programme in place
B – whenever they remember; we encourage them to change passwords regularly but don’t have a set schedule
C – they don’t change their passwords unless they get locked out of a programme
Q6: Have you got multi-factor authentication systems in place, so staff verify their identity when logging onto your network from a new device or location?
A – yes, every team member uses multi-factor authentication
B – we encourage it, but do not enforce it
C – no, our team don’t use multi-factor authentication
Q7: Do you have an IT policy that you share with employees, and do you train teams in cyber security best practice?
A – we have an IT policy and carry out regular cyber security training sessions
B – we have a policy, but we don’t insist on security training for all staff
C – we don’t have an IT policy or do any kind of cyber security training
Q8: What kind of IT support do you have in place for your team?
A – we use an external managed service provider, which all our team can contact directly
B – we have an in-house IT expert or nominated IT go-to person
C – we don’t have any formal IT support in place
Q9: What happens if your team encounters an IT problem, or they’re worried about suspicious activity?
A – they go straight to our IT support service
B – they discuss it with a colleague who understands IT
C – they ignore the issue or try to fix it themselves
Q10: When your team are working remotely, what security protocols are in place?
A – malware and antivirus software is installed on their devices, they have a firewall installed on their home network, and they use a VPN to connect when in a public place
B – they have some of the measures listed above, but not all of them
C – they take no additional security precautions
Q11: Do your team understand what phishing emails are?
A – yes, we train them regularly and have a procedure in place for reporting suspect emails
B – yes, we make them aware but don’t have any procedures for reporting phishing
C – not sure, we don’t talk to our team about phishing
Q12: How much of your business network do the team have access to, and how do they share files with third parties such as suppliers and contractors?
A – employees can only access parts of the system that are relevant to their role, and can only share files with approved third parties via a secure link
B – employees can access and share files across most of the system, but sensitive information like payroll and HR is protected, and external suppliers must be approved
C – employees can access the whole system and external file sharing is unregulated
It’s time to tot up your scores! If you answered…
Great news! You’re well aware of the cyber security threats to SMEs, and you’re sharing the responsibility of protecting your business with the whole team. You’ve put best practice in place to limit the risk of a cyber-attack, and you’re investing in the software to detect risks and flag any compromises that occur.
However, you can’t afford to take your foot of the pedal. Cybercriminals are always thinking of new, sophisticated ways to target businesses. To continue safeguarding your security, it’s best work with an IT managed service provider that understands the changing requirements of growing/scaling companies.
Switching to an SME-specialist IT provider is simpler than you think. Learn more about Epoq-IT’s SME all-in-one solutions and services to protect your company round-the-clock.
Well done! You’re taking SME security threats seriously and are starting to put measures in place that will reduce the risk of your business falling victim to cybercrime. But there’s still a way to go before your approach to cybersecurity is a coordinated, full company effort.
Cybercriminals are always looking for new and inventive ways to target companies. SMEs are often the most vulnerable, because you don’t have the time or in-house resources to stay cyber savvy. That’s why partnering with an external IT managed service provider is a really powerful next step.
Outsourcing your IT to an SME specialist takes the weight off your shoulders, while giving you access to industry-leading software and round-the-clock monitoring. Learn more about Epoq-IT’s SME services to bring the latest best practice to your business.
Honesty time! You know that there’s more you could be doing, but cyber security isn’t a huge priority right now. However, we’d hate for you to find out the hard way just how financially and reputationally damaging a cyber-attack can be to an SME.
The quickest, easiest way to protect your small business from cybercrime is to outsource your IT to a managed services provider. Let an expert take care of everything – from installing software and monitoring threats, to introducing secure processes and training your team – leaving you free to focus on business growth.
Learn more about Epoq-IT’s SME services to see how simple and affordable outsourced IT can be.