The disruption caused by the Covid-19 crisis has forced small business to change how it operates; non-essentials workers are now working remotely and physical events have become virtual.
In this new mass remote and online environment, what can a small business do to protect itself and its workforce from coronavirus scams and cyber security threats?
We spoke to the National Cyber Security Centre (NCSC) for the latest coronavirus cyber security advice:
What cyber security advice do you have for small business?
For organisations of all sizes this period presents a cyber security challenge, and this is particularly the case for those moving towards home working arrangements for the first time, or significantly increasing home working.
The NCSC recently published new guidance for organisations with staff working from home, which includes everything from preparing for home working to helping staff look after devices.
Smaller businesses may also wish to familiarise themselves with the NCSC’s Small Business Guide, which sets out five steps to take to bolster their cyber security, and SMEs should encourage staff to try the NCSC’s e-learning package while working from home.
As well as taking steps to protect themselves from becoming a victim it is important for businesses to plan how they would react if they did have an incident. The NCSC’s Small Business Guide: Response & Recovery helps small businesses prepare their response and plan their recovery.
‘Be careful to spot phishing scams — especially those using coronavirus to seem legitimate’
Home workers must be careful to spot phishing scams — especially those using coronavirus at the moment to seem legitimate. In the event that someone does fall victim, they should as quickly as possible report it to their IT department when the incident is work-related or Action Fraud when it is personal. The NCSC’s guidance on suspicious emails provides more tips on this.
>See also: How your IT team can support small business during coronavirus lockdown
What can small businesses do to ensure their remote workforce is secure?
Our new home working guidance includes advice on having strong passwords on staff accounts with two-factor authentication, using VPN to allow secure remote access to IT resources, and keeping software up to date. If users are being asked to use their own devices, we’re pointing to our bring-your-own-device guidance.
>See also: Best video conferencing tech for your small business
What is the NCSC’s advice to managers when it comes to security?
While working from home will not be new to many organisations and employees, the coronavirus outbreak is forcing organisations to consider home working on a greater scale, and for a longer period of time. Our advice to leadership is to work closely with their technical teams, familiarise themselves with our security guidance and use it to support employees.
Further reading on small business coronavirus cyber security
Many small businesses still aren’t prepared for cyber attacks