Synovitec
Back to blog
Security

IT security: 7 habits for an SMB

September 22, 20266 min read

Cyberattacks do not only target large companies. SMBs are even easy targets, because they are often less protected. The good news : a few simple habits sharply reduce the risk. Here are seven.

1. Strong and unique passwords

A short password, or one reused everywhere, is an open door. Use long passwords, different for each service. A password manager does the work for you.

2. Two-factor authentication

Even a good password can leak. Two-factor authentication adds a second proof, for example a code on the phone. Turn it on wherever you can, starting with email.

3. Updates

Most attacks exploit known flaws that are already fixed. An up-to-date system closes these doors. Install updates without waiting, on workstations and on servers.

4. Tested backups

In case of ransomware, the backup is your safety net. It still has to work. Apply the 3-2-1 rule and test a restore regularly.

5. Caution with emails

Phishing is still the main way in. An email that rushes you, scares you, or asks for a password should raise a flag. When in doubt, check through another channel.

6. Limited access

Everyone should only reach what they need. A compromised account does less damage if its rights are limited. Also remove the access of people who leave.

7. Train the teams

The best protection is an alert team. A few simple, regular reminders beat a long, forgotten training. Security is everyone's business.

Where to start

You cannot do everything at once. Start with passwords, two-factor authentication and backups. These are the three that protect the most, for the least effort. An audit helps you see the rest. For the personal-data side, see our article on the GDPR.

Our approach

We take stock of your security, without dramatising or downplaying. Then we put in place the protections that matter, sized to your organisation and your budget.

Want to secure your IT? Explore our IT consulting and audits, or get in touch.