10 simple cybersecurity tips for SME businesses

ramsac blog 10 cybersecurity tips

Posted on December 15, 2021 by Rob May

For SME businesses, managing effective cybersecurity might seem like a challenge. Antivirus software is expensive. Training costs time as well as money. Just knowing what you need to protect yourself against can be difficult.

But there’s no doubt about it, you need to protect your business from cyber threats.

Watch on YouTube

In today’s digital world, it isn’t a question of “if”, it’s a question of “when” you are going to be attacked. Almost two-thirds of UK companies employing between 10 and 49 people – the equivalent of 130,000 businesses nationwide – fell victim to some form of cyber crime last year.

The average cost of a cyber attack to small businesses is £65,000. This cost comes in the form of damaged assets, financial penalties and business downtime.

What can you do to protect your business?

Here are 10 tips any SME business can use to improve their cybersecurity.

Online security

1. Trust your instincts online

Even if you don’t consider yourself a “digital native”, trust your gut. If it looks dodgy, it probably is. If it looks too good to be true, it definitely is. Be wary of pop-ups and don’t click on links or enter personal details into them.

2. Be email-wary

Learn how to spot spoofed emails and be on the lookout for them. Be especially cautious of messages that:

  • are from unfamiliar senders,
  • request personal or financial information over the internet,
  • aren’t personalised,
  • try to force you into hasty action with frightening or upsetting information.

3. Don’t ignore updates

Keep web browsers and operating systems up to date. Most updates are rolled out to combat a new cyber attack or patch a recently discovered vulnerability.

4. Practice good password management

Consider using a password management tool to create and secure your logins. If you don’t want to invest in a tool, use strong passwords.

2019’s most common passwords you should NOT use

  • 123456
  • 123456789
  • qwerty
  • password
  • 1111111
  • 12345678
  • abc123
  • 1234567
  • password1
  • 12345

In the office

5. Be aware of who is entering and exiting your workplace

Many thieves and scammers succeed by exploiting social behaviour such as compassion and politeness. Brazen thieves have been known to simply walk into an office as if they belong there and remove items unchallenged.

If you have the infrastructure to support it, protect your office by implementing a mandatory sign-in and name badge policy for visitors

Be vigilant to strangers – a simple “excuse me, can I help you?” can help verify identities, without any risk of causing offence.

6. Secure your workspace

Don’t leave valuables in clear view or in unlocked drawers. Close and lock doors and windows before leaving a room empty for any length of time. Clear meeting rooms and wipe whiteboards/flipcharts after use. And remember the big 3:

  • Don’t share your office ID or leave it lying around
  • Lock your PC screen whenever you leave your desk
  • Don’t write down passwords and leave them lying around

On the go

7. Keep your devices secure

Don’t take a for-business device with you when travelling unless you are sure you need it. When travelling, keep your device with you at all times. Don’t leave it in a car or hotel room.

Avoid rooting or “jailbreaking” your devices. This can cause them to become vulnerable to attack. You should also be mindful of what you put in your devices.

Do not trust or use any USB devices without first having it checked and given the all-clear by your IT department.

8. Remember, there’s data on your phone too!

Back up your data, lock your phone, make use of apps such as “Find My iPhone” or “Android Lost” and enable remote access to protect and preserve your information if your phone or tablet is lost or stolen.

Clear all data before exchanging, selling or disposing of your device.

9. Be smart about apps

Only download apps from a legitimate app store and only download apps you need. App malware is a rarely considered but serious issue affecting mobile devices. Check reviews and seek advice from people you trust before downloading a new app.

10. Only connect to trusted networks

Never use public Wi-Fi or computers when you are handling or working with sensitive information. Use a virtual private network (VPN) if possible and adjust your device’s security settings to limit access.

VPNs

VPN stands for virtual private network. It extends a private network across a public one enabling users to send and receive data safely.

VPNs provide:

  • confidentiality
  • authentication
  • message integrity

Protect your business with ramsac

As one of the most trusted providers of cybersecurity solutions and support across London and the South East, we offer you protection and peace of mind.

We will help you carry out a thorough cybersecurity risk assessment and then plan and implement a proportionate response to the results. We also educate end-users and implement internal policies for the safest use of technology and the protection of your data.

Get in touch

Related Posts

  • Smishing: How fake texts can trick your team
    May 9th, 2025

    Smishing: How fake texts can trick your team

    Cybersecurity

    A real-world example of a WhatsApp scam targeting ramsac staff shows why organisations must stay vigilant against smishing attacks, here’s what to look for and how to protect yourself. [...]

    Read article

  • What SMEs can learn from the Marks & Spencer cyber attack
    May 1st, 2025

    What SMEs can learn from the Marks & Spencer cyber attack

    Cybersecurity

    What can SMEs learn from the recent Marks & Spencer cyberattack? We explore key lessons and practical steps to strengthen your cybersecurity and protect your business. [...]

    Read article

  • Why ISO 27001 certification matters for your business
    April 30th, 2025

    Why ISO 27001 certification matters for your business

    CybersecurityIT

    Explore why ISO 27001 is essential for data protection, client trust, and business growth, and how ramsac can help you achieve it with ease. [...]

    Read article

  • AI in Malware Analysis
    April 28th, 2025

    AI in Malware Analysis

    AICybersecurity

    This blog explores how AI is revolutionising malware analysis, providing detailed insights into its methodologies, applications, and benefits.  [...]

    Read article

  • Understanding Data Exposure Risk in SharePoint and OneDrive
    April 1st, 2025

    Understanding Data Exposure Risk in SharePoint and OneDrive

    CybersecurityMicrosoft 365Technical Blog

    As the way we work continues to evolve, proactively managing data exposure in SharePoint and OneDrive is essential to safeguard sensitive information and maintain trust in an AI-driven world. [...]

    Read article

  • Cyber Essentials: Transitioning from the Montpelier to Willow Question Set
    March 11th, 2025

    Cyber Essentials: Transitioning from the Montpelier to Willow Question Set

    Cybersecurity

    Cyber Essentials is evolving, on April 28, 2025, the Willow question set will replace Montpelier. Discover what’s changing, how it affects your certification, and how ramsac can help you [...]

    Read article

Quiz yourself

Are you more cyber savvy than an 11 year old?

11-14 year olds get asked these questions in school. Could you get these right?

X