The internet is likely to be the single largest source of security risks to your business. Dodgy websites and fishy emails can be a source of virus infections and malware that can result in data destruction and financial loss. Here's how to avoid them.
Key internet threats
You may encounter a number of internet and website security issues. For example:
- Malicious websites can infect your computers with viruses, spyware and other nasty software. They might delete key data or send it to fraudsters.
- Phishing emails and websites pose as legitimate organisations in order to persuade you to hand over sensitive or valuable information, like your banking details.
- Fraudulent online shops will take your money but never deliver the goods or services promised.
- Unsecured cloud computing services. A security problem with your cloud computing service - like an attack by hackers - could lead to your business data being stolen or destroyed.
Taking key steps to protect your computer - like installing security software and using a firewall - will help you guard against these internet threats. However, there are a number of other things you and your staff can do.
Website security: spotting dodgy sites
Most website and internet security problems occur as the result of something you do. For instance, if you open a suspicious email attachment, your computer could be infected by a virus.
This human element plays a part in many IT security problems, so it's vital your staff understand how their actions can damage your business.
Unfortunately, this is a tricky message to convey. People are generally poor at sticking to security rules, particularly if they view them as obstacles to getting the job done.
Make sure your IT policies include guidance on browsing the internet and handling emails. Also offer training if you feel it's necessary. Some companies test their staff by sending dodgy-looking emails and seeing who clicks links in them. This can be a good way to demonstrate the issue.
In any case, stay on your guard and follow these tips for good website security:
- Don't judge on looks alone. It doesn't take much effort to clone a website, so don't assume a site is legitimate just because it looks like it is.
- Check domain names. Malicious sites often substitute characters in domain names (like a "1" for an "I") so they look legitimate at first glance.
- Use security software. Security software and web browsers often include website security filters which warn of suspicious sites.
- Watch out for boxes and pop-ups. Some dodgy websites display pop-up windows to trick you into installing malicious programs. Close them at once.
- Guard your information. Don't enter information about you or your business unless you're sure a website is safe.
- Use up-to-date software. Windows 10 - the latest version of Microsoft's operating system software - includes advanced features to help protect your business. For instance, it will always load your security software first, ensuring malware doesn't have a chance to block it.
If you're buying from a website, make sure the site you're on uses a secure connection to transfer your payment details. Look for a padlock and green highlighting in your browser's address bar - click this for information about the company running the site. If it doesn't match the site you're on, don't proceed with your purchase.
Always check that an online business has a real world presence, with a street address and telephone number. And it's a good idea to make your purchases with a credit card, as most offer extra protection if anything goes wrong.
Email and social media
Good internet security software and an effective spam filter will block most suspicious emails before you ever see them. But it's inevitable some will slip through the net. What's more, social media tools like Facebook and Twitter provide other channels for hacker attacks.
- Don't click links. Phishing emails contain dodgy links. To avoid malicious sites, type in website addresses manually instead of clicking links in emails. You may also find dodgy links cropping up in Twitter and Facebook messages. Think before you click!
- Be wary of attachments. Don't open anything you aren't expecting, even if they've come from someone you know. They can contain viruses - and the sender's computer could be infected too.
- Watch for inconsistencies in messages. Phishing emails often contain spelling and grammar mistakes, aren't personalised with your name, or feel wrong somehow. On social networks, dodgy messages often promise to reveal a secret. For instance: ‘see what people are saying about you'. Trust your instincts.
Although the nature of online threats is always evolving, the general principles involved in protecting your business tend to remain the same. You need a combination of strong security software and switched on staff to stay safe.