Cybersecurity might not be the first Christmas thought that pops into your head before you hang up your professional hat for the holidays.
Yet – especially if you’re taking a longer time off as a company over the festive season – paying attention to your cybersecurity now is going to be the best present you can give yourself this Christmas.
It might feel a bit late in the year to institute sweeping reforms though. So here is some low-hanging fruit on the cybersecurity tree you might be able to fit in before the end of the year:
Why is Christmas a cybersecurity risk?
Before we go any further, it’s worth remembering that there are a few reasons why the festive season adds some extra cybersecurity risks to the usual challenges every business faces:
- You’re out of the office – if you suffer a data breach or attack, it’ll likely be much longer before someone notices your customer data has gone walkabouts.
- You’re relaxed – cybercriminals know that Christmas is a time when you might be less on alert. They tend to plant to capitalise on this.
- You’re being bombarded with “noise” – Christmas is a time of email spam, advertising, and things you really should have done by now. It all adds up to an environment where things go unnoticed much more easily.
Christmas cybersecurity easy wins
1) Have a watercooler chat with your team
The human link is often the weakest in any business’s cybersecurity protection.
Weak passwords. Lost unsecured devices. Or a lack of general cybersecurity knowledge or awareness that leaves them (and your business) open to phishing attacks and the like.
Having a little cybersecurity chat with your team – around the watercooler or on your Google Workspace or Microsoft 365 messenger channels – is well worth a few minutes of your time.
Quickly go over the things they should bear in mind in the run-up to, during, and after the Christmas holidays. If you’re in doubt as to what to say, keep on reading!
2) Talk about phishing
You might think that the chilly weather around Christmas isn’t the best time to go fishing. Cybercriminals disagree.
If there’s one thing cybercriminals love over Christmas time, it’s fraudulent “special offer” and “sale” emails. These emails trick employees into giving up personal information that they’ve also used to secure their access to your business system. Or they can just straight-up download a virus.
Here are some thoughts for your team to bear in mind over the festive season:
- Think a text message or email is a scam? Don’t click any links or attachments.
- Convinced it’s suspicious? Report emails to [email protected] and text messages to 7726.
- In any doubt? Talk to your Managed Service Provider (MSP) or in-house cybersecurity experts.
3) Don’t forget to protect those shiny presents
Christmas is also a time when people get snazzy new bits of tech kit. Happy Christmas!
When your team starts using those new devices for work purposes though, that’s a problem. Your team needs to know how important it is to:
- Discuss with you or your MSP before using a new device for work
- Install the latest updates and patches
- Make sure firewalls are properly configured (again, your MSP should handle this)
4) Get your employees a password manager this year
These are the cheapest and best Christmas present you can give to your hardworking team.
Most people (over 65% in a recent survey) use the same rubbish passwords for their personal and work accounts. A terrifying number still use “qwerty123”.
Password managers are handy little apps that store all your passwords in one easy place. They auto-generate highly secure password strings of random letters, numbers, and special characters. Plus, they remember them for you – so no more forgotten passwords!
LastPass is probably the best known (it’s free for personal use). Once your team gets a taste of this easy, highly secure way of digital living, they won’t want to go back.
5) Don’t forget when you’re on public Wi-Fi
Working in a cafe to get those last bits of work polished off at the same time as catching up on that vital Christmas shopping is a pleasantly familiar situation for many of us. But don’t forget – public Wi-Fi is not secure.
Instead of public Wi-Fi, use mobile data or hotspots – preferably alongside the VPN (Virtual Private Network) your Managed Service Provider has set up to prevent hackers from leeching your security or payment details.
6) Make backups and keep them separate
One sensible cybersecurity measure that most people know and every MSP or cybersecurity expert worth their salt will tell you is the importance of having backups – and of keeping those backups in a separate location.
This can be in the cloud. But if not, one of the things you should definitely be wrapping up and hiding before Christmas Day this year is your backups. That’s combining digital and physical cybersecurity measures into one easily accomplished task.
Need to talk about putting slightly more in-depth cybersecurity measures in place come the New Year?
Let’s talk. Over 900 businesses in and around Bristol have used Dial A Geek to keep themselves safe from digital threats.
Set up a cost and commitment-free chat with Chief Geek Gildas Jones today to talk through your business’s specific needs.