Basic cybersecurity advice for SMEs

The security of information and data is a very important factor for any business. Large companies usually have a department devoted to cybersecurity and the prevention of IT attacks, but for small companies it can be complicated to devote part of their resources to cybersecurity.

Because of this, here we set out a series of basic tips on cybersecurity which you can start applying to your company the moment you get to the end of this article.

What are the most common attacks?

If your company suffers an IT attack, it will likely come in the form of:

  • Malware: any sort of malicious software or programme.
  • Virus: malware which infects or alters the functioning of programmes and devices with harmful or malicious ends.
  • Spyware or trojan horse: seemingly normal programmes or which are hidden inside others to steal information.
  • Phishing: supplantation of identity through email with the goal of obtaining sensitive information.
  • Ransomware: software which infects hardware and is used to coerce users, facilitating information in exchange for money.

What can you do to keep your SME secure?

Install an anti-virus on your devices

It might seem basic, but it’s the first step in detecting any cyber-attack and keeping your devices protected. Some of the most widely used anti-virus programmes are Avast, Kaspersky, Bitdefender and Norton. Most have a free version or plans to suit different types of companies.

If you use the Windows operating system, bear in mind that from Windows 8 onwards this includes the anti-virus service Windows Defender.

Remember that anti-virus services must be kept up to date at all times to remain effective.

Update the programmes on your devices

Make sure your devices have the latest version of programmes and apps. Cyberdelinquents often exploit bugs and possible deficiencies in previous versions to attack hardware.

Secure passwords

Make sure that the passwords your company uses are secure and comply with the following requisites:

  • Create long passwords that combine capital and lower-case letters, numbers and special characters such as an exclamation mark or question mark.
  • Avoid using passwords generated for you by default.
  • Use passwords which are unique to each programme.
  • Use a password manager to stay on top of them all.

Limit installations

Make sure that the programmes installed on your devices have been downloaded from a trusted source. If you’re unsure or your computer or mobile detects a suspicious file, we recommend you delete it rather than installing it.

If you have devices which are shared between various workers, you can also limit permission to install new software. This way you can avoid any malicious software being installed.

Be careful with attached files and suspicious links in emails

Email is one of the main ways in for attacks on businesses. If the link is from an unknown source or you don’t know what you are being sent, it’s best not to open it. Check the sender’s address properly and make sure it’s not a phishing attempt. 

Use secure networks

It is important that your internet connections are safe and encrypted. Your routers must have firewalls and be up to date. You can also limit the devices which connect to your network by configuring your hardware.

If you use a public network to connect to the internet at any point, remember that you may be sharing data and exposing information to others. Avoid this wherever possible.

We hope these tips help you to keep your SME secure. Think about making back-up copies whenever you can, so that all your information can be re-established in the event of a cyberattack.

Main topics for the GeoTLD meeting

Frankfurt hosted a meeting for the members of the GeoTLD group on 9 September, adopting a hybrid virtual and on-site format due to the pandemic.

The meeting was used to present and discuss the latest on the next round of GeoTDL requests, as well as to exchange opinions on the relationship and cooperation between registers and different departments of the ICANN. The meeting concluded with a session on the abuse of DNS (Domain Name Systems) and cybersecurity.

These meetings are fundamental for members of the GeoTLD group to be able to exchange impressions in an enriching way, particularly on their goals and on the point where each of them is at.

A geoTLD is a top-level domain which represents communities of a cultural, linguistic or social nature with a strong and specific geographical presence. Members include the domain .scot, .cat, .eus and .gal, as well as city domains such as .sydney, .stockholm and .barcelona.