Six cyber security habits to protect your business

In today’s digital age, ensuring the security of your small business isn’t just about having the right software - it’s about fostering good cyber habits among your team. 

By cultivating everyday habits that prioritise cyber safety, you can significantly reduce the risk of your business falling victim to attacks. Below are some common bad habits that leave small businesses vulnerable, and six proactive steps you can take to fortify your defences.

Bad habits to avoid

The cyber security resilience of a small business hinges on the daily practices of its team members. Shockingly, nearly four out of five small business owners have observed habits within their teams that inadvertently compromise security. 

About 20 per cent of small businesses keep their passwords written down or share them among colleagues, risking unauthorised access, while many businesses put laptops in 'sleep mode' instead of shutting them down, which can leave systems vulnerable to intrusions and data breaches. 

It can be tempting to ignore software updates when you are busy, but by snoozing them you can leave systems exposed to known vulnerabilities that updates patch.

Creating business documents without proper backups or adding personal details to out-of-office messages can expose sensitive information.

Accepting online and electronic information at face value is sadly another risk today. Beware of fake government service scams lurking in search results, where scammers often pay to have their misleading websites appear prominently, mimicking official government services, and as well as email compromise scams.

Tip: Read more about educating your employees to maintain good cyber-security.

Habits to build instead

Combatting these risks involves adopting simple yet effective cyber-security habits. Here are six simple habits to build your businesses’ resilience.

1. Always ensure computers are shut down, not just put in sleep mode, to install crucial updates that protect against cyber threats. 
2. Upgrade to complex, unique passwords or passphrases stored in a secure password manager to prevent unauthorised access.
3. Ensure that each team member is provided with a unique login to mitigate the impact of compromised credentials
4. Regularly update software to fix any security flaws and reduce the window of opportunity for criminals. 
5. Educate employees to recognise and report phishing attempts or suspicious emails to prevent potential breaches.
6. Add Multi-factor authentication (MFA) for an extra layer of security by requiring users to verify their identity through multiple methods.

Taking action to combat cyber risk

As a small business owner, your proactive approach to cyber security sets the tone for your entire team. By instilling these good habits and fostering a culture of vigilance, you can significantly enhance your business’s resilience against cyber threats.

Cyber security is not merely a technical issue but a matter of cultivating everyday habits that prioritise digital safety. By making simple adjustments in how your business operates, you can fortify your defences and minimise the risk of falling victim to cyber attacks.

More information

• The SBDC offers some useful information on some simple but effective ways to protect your business from cyber crime, including a list of free resources to assist.
• A cyber security assessment tool on the Business.gov.au website can help you determine how secure your business is, and get recommendations for any improvements.
• The Australian Cyber Security Centre's resources for business has a rundown on the online security practices you can put in place to protect your business.
• The Scamwatch website also has a range of information and advice to help protect you against scams. This includes tips for small business owners, a guide explaining the help available to scam victims, and an online scam reporting tool.
• Learn more about protecting your business online and explore the Office of the Australian Information Commission’s range of training resources which could help you and your staff members manage your privacy obligations within your business.