Data Privacy Day: How SMEs can improve their online security

Data Privacy Day: How SMEs can improve their online security

Monique Holtman

Monique Holtman
28th January 2019

Taking place on the 28th of January every year, Data Privacy Day is a worldwide event designed to raise awareness about the importance of respecting and safeguarding the privacy and data of online users.

Although it may not be the most exciting celebration of the year, it’s a very important one. In 2018, 90% of UK adults were Internet users yet so many of us browse the world wide web with little regard to how our personal information is being used, collected or shared. Data Privacy Day aims to inspire dialogue and empower individuals and companies to take action.

Why it’s important for SMEs to stay safe online

As a business owner, you have a duty of care to both your employees and your customers to keep the data you store about them safe. Failure to do so can lead to hacking and the loss of personal information such as credit card details. 

You may think that you’re safe from cyber-attacks because it’s much more lucrative to target a huge corporation with millions of pounds worth of customer data. While this sounds logical, the sad reality is that SMEs don’t have the resources to put in high-end cybersecurity protection which makes them a very appealing target to hackers. In fact, almost one in three small UK businesses fell victim to a cyber breach last year.

Being haphazard with your online security puts you in danger of the following risks:

  • You’re vulnerable to viruses, malware and even ransomware
  • If you’re hit with an attack, you will incur downtime. This affects the productivity of your staff and puts any revenue generation at a standstill
  • With GDPR now well and truly in force, you have a bigger responsibility than ever before to protect your customers’ data. Failure to do so can lead to hefty fines
  • If it becomes public knowledge that you fell victim to a cyber-attack or data breach, this can irreversibly damage the reputation of your business

Data published by the insurer, Hiscox last year revealed that UK small businesses are targeted with a whopping 65,000 attempted cyber-attacks per day. This is the equivalent of one successful attack every 19 seconds. Despite these incredibly concerning statistics, 52% of SMEs still have no cyber security strategy in place.

The consequence of this? Basic clear up costs for small businesses average about £25,700 a year. Is this really something you can afford to be blasé about?

What SMEs can do to stay safe online

You may not be able to shell out the cash for the same extensive security systems that large companies can, but you can do many things to defend your company and prevent customers from becoming a target. 

Educate your staff

One of the most effective ways of preventing a cyber-attack is to ensure that your staff are clued-up about online security. Involve and educate all levels of the organisation – this is something that affects everyone whether they’re an apprentice or the CEO.

As a minimum, your staff should be aware of the following aspects of online security:

  • Be careful when clicking on links, especially in emails. If it comes from an unknown source, do not click on any links. If someone is unsure about the integrity of the sender, tell them to check with your IT department if you have one or to find contact details for the company in question online so you can contact them (don’t reply to the email.) Spambots and hackers have also started using text messages to encourage victims to click links so the same principle applies to texts.
  • All devices should be password protected and locked when not in use. This is especially important with mobile phones and laptops which can easily get lost or stolen when working remotely.
  • Be smart with passwords. This applies to everything from devices to account log-ins. Avoid the most commonly used passwords, don’t use anything obvious like your child’s name and change them on a regular basis. If you suspect that any of your accounts have been hacked, change your log in details for all your accounts immediately. Most of us are guilty of having the same password for everything, making life very easy for hackers.

Install anti-virus

It sounds obvious, yet so many people overlook this simple step. If money is a problem, even free anti-virus software can protect you from a huge number of cyber-attacks.

list of top free antivirus software

For businesses, it is of course better to have a more robust antivirus solution so if you can afford business-specific antivirus software, it’s a worthwhile investment. It can be licensed to a number of different devices and managed in a centralised location. As updates to the software are released, every copy can be managed and updated with ease.

list of antivirus software

Use the cloud

Cloud services provide reliable offsite backup solutions. In the event of an attack or catastrophic loss of data, a cloud-based disaster recovery plan can get you back on your feet as quickly as possible.

Storing information in the cloud gives you an extra layer of security, as well as the peace of mind knowing that someone can’t just walk in and physically take your documents.

Encrypt your data

Before sending your data to the cloud, encrypt it for added security. This is the process of turning your information into code which means that anyone who doesn’t have authorized access or a password, can’t access your data. Although it’s not 100% foolproof, it’s better than leaving your files open for anyone to read.

If encryption sounds too technically advanced for your liking, don’t worry, there are plenty of programmes out there which can do this for you. Below is a list of some great programmes which are free or cost very little.

list of encryption programmes


Install a tracking app

A tracking app such as Prey or LockitTight enables you to wipe your device clean of files and personal data should it go missing. If you have a laptop or mobile device which contains sensitive information about your staff or customers, it’s highly recommended that you do this.

Reminding SMEs about the importance of improving their online security, James Brady, Head of Cyber at Hiscox UK & Ireland commented:

 “We know that small businesses in the UK are hot targets for cyber criminals and the statistics highlight the alarming extent of this. Most small businesses recognise the threat that cyber criminals pose on a global scale, but are less convinced of the risks facing their own operations, considering themselves ‘too small’ to be worthy targets, but this just isn’t the case.”

He continued:

“Hackers are prolific and sophisticated which makes staying on top of cyber security a challenge for all organisations. With many small businesses lacking credible cyber security strategies to help manage and prevent such attacks however, the impact when they do occur can be disproportionality severe.”

As hacking becomes increasingly sophisticated, cyber-crime is unfortunately something that businesses and individuals will need to remain vigilant about. By implementing the steps above, you can at least be safe in the knowledge that you have done everything you can to minimise the risk of an attack.