IT security: 7 habits for an SMB
Cyberattacks do not only target large companies. SMBs are even easy targets, because they are often less protected. The good news : a few simple habits sharply reduce the risk. Here are seven.
1. Strong and unique passwords
A short password, or one reused everywhere, is an open door. Use long passwords, different for each service. A password manager does the work for you.
2. Two-factor authentication
Even a good password can leak. Two-factor authentication adds a second proof, for example a code on the phone. Turn it on wherever you can, starting with email.
3. Updates
Most attacks exploit known flaws that are already fixed. An up-to-date system closes these doors. Install updates without waiting, on workstations and on servers.
4. Tested backups
In case of ransomware, the backup is your safety net. It still has to work. Apply the 3-2-1 rule and test a restore regularly.
5. Caution with emails
Phishing is still the main way in. An email that rushes you, scares you, or asks for a password should raise a flag. When in doubt, check through another channel.
6. Limited access
Everyone should only reach what they need. A compromised account does less damage if its rights are limited. Also remove the access of people who leave.
7. Train the teams
The best protection is an alert team. A few simple, regular reminders beat a long, forgotten training. Security is everyone's business.
Where to start
You cannot do everything at once. Start with passwords, two-factor authentication and backups. These are the three that protect the most, for the least effort. An audit helps you see the rest. For the personal-data side, see our article on the GDPR.
Our approach
We take stock of your security, without dramatising or downplaying. Then we put in place the protections that matter, sized to your organisation and your budget.
Want to secure your IT? Explore our IT consulting and audits, or get in touch.