Skip to main content
Image of hands on a laptop

Cybersecurity tips for small business

Have you ever thought about how much of your business information is stored on a smart phone, computer or online? Or what would happen if you lost access to that information or it became compromised?

When you consider that 43 per cent of all cybercrime targets small business and the volume of vital business information that gets stored electronically, the need for good cybersecurity practices is real.

Here are five simple but effective ways to protect your business.

Use strong passwords

You’ve no doubt heard this one before, but easy to guess passwords continue to be a weak point for many businesses. The longer and more complex your passwords are the better. A good start is to have a mix of upper and lower case letters, numbers and symbols. If you find these hard to remember, try a passphrase – a combination of three of four random words that, when combined, provide a longer and harder to guess password (for example: PurpleDoorBananaFloor).

When it comes to your computers, networks (such as your Wi-Fi) and mobile devices, ensure that you have strong passwords that are regularly changed. In particular, if any devices come with default passwords (for example: your modem may have a default password to connect to Wi-Fi) you should change this password as soon as possible. If your devices allow you to add two-factor authentication, enabling this function will provide you with an extra layer of protection.

If you employ staff, you may also want to consider providing access to systems and passwords on a ‘need to know’ basis.

Secure your devices and networks

There are a few practical things you can to do keep your devices and network secure, such as:

  • Having up-to-date security software installed and running regular anti-virus scans.
  • Avoiding the use of storage devices, like USBs or hard drives, that have come from unfamiliar sources (unless you can run an anti-virus scan on them first).
  • Ensuring all portable devices, such as smart phones and tablets, can only be unlocked by PIN.
  • Limiting the use of public Wi-Fi networks which may be unsecure or vulnerable. In particular, you should never use public Wi-Fi to make online payments and/or access financial records.

Regularly back-up your data

Having one back-up is a good start, but ideally, you should also have a back-up of your back-up too. Don’t worry, this isn’t as hard as it seems. Online and cloud storage are a popular back-up option, but unfortunately can also be compromised. Ideally, you should not only keep an online back-up of your data, but also have a physical storage device, like an external hard drive, that you regularly back-up your files to.

Educate your employees

If you employ staff, take the time to talk to them about the importance of cybersecurity and protecting any information relating to your business that they may store on computers or mobile devices. Explaining what you deem to be an acceptable use of business information and devices will ensure they have a clear understanding of your expectations.

Be aware of the latest threats

Major cybersecurity threats are regularly reported in the media, so keeping up-to-date with the news can give you a heads up on the latest threats and attacks so you can stay one step ahead.

The Australian Cyber Security Centre (ACSC) also offers a free email alert service that can provide you with information on the latest online threats and what you can do to keep them at bay.

More information

Read our tips on how to protect your business from scammers for more online security tips and measures to help protect your business.

Download the small business cyber security guide from the ACSC website which outlines more online security practices you can put in place.

Last updated on:

Get the latest SBDC small business news