Cybercrime is one of the most pressing challenges plaguing economic activity in Africa. According to a report in the Financial Mail, as the continent’s GDP reached $3.3-trillion, the cost of cybercrime climbed to $3.5bn, with Nigeria, Kenya, and South Africa recording the largest losses. In fact, according to the SA Banking Risk Information Centre, SA loses $157m annually to cyberattacks. 

The Internet allows businesses of any size in any location to tap into new markets and work more efficiently using computer-based tools. Whether you’re adopting cloud computing, or just using email and maintaining a website, cybersecurity should be a part of your business plan. If you use the Internet, you are responsible for creating a culture of security that will enhance business and consumer confidence. 

The smaller the business, the greater the security risk because it’s less likely that small businesses have dedicated IT support. So how do you protect your business in the digital landscape you rely on every day? 

1. Backup your data 

Regularly backup the data on all computers, including word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. The best practice for this is to ensure backups are automatic and done weekly, at least, and backup copies should either be stored offsite or in the cloud.  

2. Have a data security policy 

Create a formal IT policy that protects your data and resources and also details what to do when things go wrong. Then teach your employees about your policy. In this document, consider including applications that can and can’t be loaded on company computers, the need to use strong passwords, the proper use of a company-issued computer, including the Internet and how email is used – ie what should and shouldn’t be opened or forwarded.  

3. Password protection 

Every security policy has passwords at its core. A basic rule of thumb is that the more keystrokes in a password, the strong it is. Encourage staff to use strong passwords with at least eight characters and embedded numbers or characters to stop simple attacks that guess passwords. Writing down and storing passwords on cell phones will put your company’s security at risk. Rather use LastPass or other similar security services that offer secure password-generation options. 

4. Keep machines clean 

To protect information, computers, and networks from cyber attacks, keep your office computers clean. Ensure you have the latest security software installed on all machines that protect web browsers and operating systems against viruses, malware, spyware and other online threats. Your antivirus software should run in the background and complete a full scan after every software update.  

5. Create a mobile device action plan 

If staff use mobile devices, these present a significant security threat to your business – especially if they access your company’s network. Ensure your staff password-protect their devices, encrypt their data, and have security apps installed to prevent information theft while the device is on public networks. Also, ensure you have a reporting procedure should a staff member’s device get lost or stolen.  

6. Secure wi-fi networks 

Make sure your wi-fi network is secure, encrypted, and hidden. To hide your wi-fi network, set up your wireless access point or router, so it doesn’t broadcast your network name, known as your SSID, and password-protect your router.   

Conclusion 

For SMEs, the impact of cyber-attacks goes well beyond financial loss and disruption to daily operations. There’s also a loss of reputation and perhaps your customers’ trust as well. Of all businesses, SMEs struggle the most to find affordable security measures and it’s this that leads to sub-standard protection or, worse, no security at all. 

As attackers get more sophisticated, and more businesses are being targeted, how are you ensuring your company’s data is safe?