Going Digital: How To Protect Your Business Online

Protecting your e-business
Typically speaking, small businesses do not have cyber security experts working for them or a plan on how to protect their online systems. The Australian Small Business and Family Enterprise Ombudsman’s free The small business cyber security best practice guide lists simple, but effective steps that any small business can take to keep safe online.The guide includes how to evaluate your online presence and risks you face, how to make your accounts more secure and what to do if you are the target of a cyber attack. A key to being cyber secure is ensuring that everyone in your business is on board and has the confidence and understanding to adopt approaches to keep your business safe.So, what are the three key steps to staying safe online that every small business can take?Step 1: Know your risk
Remaining safe online can be achieved if you manage the risk of conducting business over the internet. Training and education for you – and your staff – about the risks of operating online will save your business time, effort and money in the long run.One of the easiest ways to do this is by visiting the Australian Government’s Stay smart online and ensuring you have simple systems in place (like regular back-ups and updated passwords, firewalls and point-of-sale security). There is even an alert service to keep you up to date and information on how to tailor a response plan for your business if anything does go wrong.Step 2: Keep current
Once you have your systems in place, it’s then really important to keep those systems up-to-date. A recent survey shows that 87% of small businesses believe antivirus software alone is enough to keep them safe. This is not true.Due to the changing nature of cyber attacks and small businesses becoming a more popular target, relying on a single cyber security prevention measure is similar to only having a latch on your front door without any other prevention measures.Keeping all your systems up to date with the latest security and other patches is critical. Spend an extra minute, say, each time you make a pay run, to check for system updates.Step 3: Recognise how easy it is to know your risk, keep current and take some simple steps
Keeping software updated and regularly changing your passwords is a straightforward and quick job. You can also set up your IT systems to update automatically each fortnight which gives your business a fighting chance at being protected from online threats. Think about the online world as an extension of your physical operations and bring it into your regular operating model.Another tip is to limit the personal details you share about yourself online, as some cyber criminals will use this information to help them break into your business or use it to impersonate you to a client, service provider or friend. We’ve heard more than one story of business email accounts being hacked and criminals impersonating staff to request unusual money transfers.In these situations the emails looked real, but the businesses were aware of impersonation scams and took some easy steps to check before making a payment (such as making a quick phone call to confirm given the unusual circumstances).Reporting when things go wrong
In Australia, the Commonwealth Government’s Notifiable Data Breaches (NDB) scheme came into effect on 22 February 2018. This means that Australian businesses must disclose breaches of personal customer data where there’s a likelihood of serious harm (not just financial harm but also psychological, emotional, physical, reputational and other forms of harm).Breaches can include unauthorised access to computers, files and even accidental disclosure of information, like emailing personal information to the wrong person.The scheme applies to businesses with a turnover of $3 million or more. However, there are many smaller businesses that hold personal information that are also required to report including:- businesses that provide health services (such as doctors, pharmacists, gyms, childcare centres and private schools)
- businesses that trade in personal information (such as disclosing a mailing list to another person for commercial gain)
- credit reporting bodies
- businesses that hold Tax File Number information (where TFN information is involved in the breach).
More information
The digital world is an exciting place to take your business and, with a little planning and some back-end reinforcement, you can take your business to a whole new level.Visit www.asbfeo.gov.au for more information, or if you’re within Australia you can call the Australian Small Business and Family Enterprise Ombudsman on 1300 650 460. Look for a similar organisation in your own country if you’re outside of Australia.References
Australian Government n.d., ACORN: Australian cybercrime online reporting network, An Australian Government initiative, retrieved 20 June 2018, https://www.acorn.gov.au/.
Australian Government 2018, Data breach preparation and response – a guide to managing data breaches in accordance with the Privacy Act 1988 (Cth), Australian Government, Office of the Australian Information Commissioner, Sydney, NSW, February, retrieved 20 June 2018, https://www.oaic.gov.au/agencies-and-organisations/guides/data-breach-preparation-and-response.
Australian Government 2018, Stay smart online, Stay smart online program, Cyber Crime and Security Branch, Attorney-General’s Department, Canberra, Australia, retrieved 20 June 2018, https://www.staysmartonline.gov.au/.
Australian Small Business and Family Enterprise Ombudsman 2017–2018, The small business cyber security best practice guide, Infographic, Commonwealth of Australia, retrieved 5 June 2018, http://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-guide.pdf. [specific to Australia]
Commonwealth of Australia 2018, Australian small business and family enterprise ombudsman, Australian Government, retrieved 20 June 2018, http://www.asbfeo.gov.au/.
Our purpose is to transform access to education.
We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.
We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.
Learn more about how FutureLearn is transforming access to education