cybersecurity

Cyber Security covers five simple concepts:

1. Know the value of your data

Remember, information is an asset and this includes your personal, business and client information. The loss of some information may not seem important, however, when combined with other information it may become an asset to a criminal organisation.

Valuable information can include:

* Personal records (date of birth, addresse, account details and call records)
* Credit card and payment data (card numbers, expiry dates and payment records)
* Business information (business plans, confidential product information, legal advice, internal business rules and processes, client address books, critical network information and long term strategic plans)

2. Know who has access to your data

Know who uses the data and information to run your business. Different people may require access to information for different purposes.

3. Know where your data is

Information can be located in many different places.

It’s important to be aware of these because then you can understand what steps you may need to take before storing or managing data.

Information can be located in many different places such as, and not limited to:

* Internal Business systems
* Storage devices (such as File Servers, NAS, External HDD’s or USB’s)
* Email and other productivity applications
* Portable devices (such as smartphones and tablets)
* Apps
* Cloud services
* Vendors

4. Know who is protecting your data

Protecting your personal and business data is not someone else’s job. You have a role to play in making sure you keep information secure.

Also know how to spot suspicious emails. When receiving emails don’t just react to the logo and brand! Read the email carefully and ask yourself the following questions:

* Were you expecting an email from this individual/organisation?
* Does this individual/organisation have your email address?
* Would this individual/organisation interact with you on this issue by email?
* Should you contact the individual/organisation to confirm it intended to send this to you?
* Can you check the organisation’s website for any warnings of scams or fake emails?

5. Know how well your data is protected

Once you know the value, location, access to and protectors of your data, you will be able to understand what can be done to protect it.

Some simple things you can do to protect data:

* Think before you click. Phishing and social engineering emails are common, and are getting harder to detect
* Be aware of unknown USB devices
* Securely store and transmit information. Use secure cloud applications or other approved tools for collaboration, and encrypt data wherever possible
* Apply software updates to your computer and mobile devices
* Use VPN solutions when working remotely
* Make sure your passwords are complex. Don’t use the same password across different systems and services, and never share passwords
* Don’t use unapproved vendors, apps or sites