Cyber Security - Tips on How To Protect Yourself And Your Business
The ICAEW Practice Committee meeting was held in September in London and it was well attended with people coming from all over the United Kingdom. The attendees were members of all manner of practices and it was great to see everyone’s involvement and commitment towards the goal of improving standards within the profession.
The meeting covered all relevant and current topics and helped me, as a practice owner, realise that everyone has similar concerns and that there is support out there, from both the ICAEW and fellow members facing the same issues.
The day started with the City of London Police talking to us about cyber security and how vital it is to understand the importance of cyber security in this increasingly digital age. It is vital, as practice owners, that we make sure that our team, employees, friends, and family know how to protect themselves against cyber attacks. It was shocking to learn that cyber crime is on the increase and that 1 out of every 10 emails are some form of phishing or cyber attack email!
They also made us aware that the most important thing to remember about cyber crime is that it is people behind the attack - we should not view it as a random or unintentional act. Criminals know what they are after and they will find a way to achieve their goals if possible. Attackers are often trying to get information about you, or from you. Staying vigilant about data obtained from the internet, emails or unrecognised sources is a vital first step to combatting these attempts.
Also try and disable your location settings on social media applications if you are not using it for something specific. They showed us how they can trace a person’s exact location or home through free web browsers and this information can be of use if attackers are specifically targeting you or your property.
The police constable, Ian Brosnan, also asked that we report all cyber attacks including unsuccessful attempts, to help the police compile data and prevent future attacks. Please make sure all attacks are reported to actionfraud.police.uk.
Simple steps to help you and your company with cyber-attacks are:
Check the content of emails using anti-virus software and keep a sceptical and vigilant mind when clicking on links. Ask questions like; would HMRC really send me an email about a refund due to me or my client? Does the service provider normally communicate with me in this manner?
Is the email address and information correct in the email? Attackers usually try and make the email look legitimate but see if anything is inconsistent. Make sure there aren’t any spelling errors or additions to the address. Does the quality of the images look consistent with that of the purported sender?
Don’t just click on links or attachments. Make sure emails are legitimate first.
If you have any doubts, Google or check online forums to see if other people have received similar emails and if they were legitimate.
Change your mind set. We are all so busy that we try and respond to emails as quick as possible. Take 5 seconds longer to read an email properly and make sure it is what it claims to be!
Use the correct devices, keep software up-to-date and don’t allow unauthorised devices on your network or system.
Never share login details.
All devices should be encrypted to ensure that even if access is gained, the data on them cannot be read.
Be careful not to use USB sticks without scanning them for malicious code first.
Use strong passwords that aren’t easy to guess.