Cyber security 101 for business
< back

Cyber security 101 for business

Posted: 21 April 2021

You arrive at work to find that files with sensitive commercial and client information held on your computers have been hacked. This is the situation the Reserve Bank of New Zealand (RBNZ) found itself in earlier this year. In January, the RBNZ encountered a data breach of its global file-sharing application Accellion FTA. This application was once used by the RBNZ and its stakeholders to share personal and commercially-sensitive information.

It is alarming to contemplate having to negotiate with hackers who have stolen your business information for ransom. All businesses can learn from the RBNZ’s incident to increase awareness of cyber security and minimise the risk of a hacker attack. Prevention is the best solution.

 Install antivirus software

Antivirus software helps detect, quarantine and remove malicious software from computers. Although Windows 10 comes with Windows Defender built-in, this only provides a baseline level of protection. Hackers are constantly inventing new viruses and threats, and it’s important to have up-to-date antivirus software. It’s worth paying for reputable antivirus software; free antivirus software programs can be fake and/or harbour viruses.

 Use a virtual private network (VPN)

If you connect a device to free public Wi-Fi networks at, say, local cafes, you’re running a business risk. If hackers access that network, they can see everything you do on the internet, including logins and passwords. A VPN helps to protect you from these risks. A VPN provides online privacy, anonymity and security by creating a private network connection. Like antivirus software, it is worth paying for VPN software to ensure you receive a higher quality product.

 Implement patch management

Patch management ensures that all operating systems and software on your business computers are up-to-date so the likelihood of a known security risk being exploited on your computers is reduced.

 Although it is tempting to delay notifications that say ‘Windows needs to restart your computer to install the latest update’, installing those updates is critical to maintain security.

 Older operating systems such as Windows 7 are easier to hack than the later version (Windows 10) because Microsoft no longer provides updates and support has ended. As a result, there are known security vulnerabilities which have not been fixed.

Regularly back up data

Your IT systems, including all data, should be backed up to a secure location, so that business can be restored quickly if it is cyber-attacked or there is another data loss event. Typically backup and business continuity plans are developed to ensure downtime is minimised. Often this will include backups taken at multiple times on any given day and at day end, and stored in multiple locations. Backups should be held for a reasonable period to avoid replicating viruses or other harmful codes.  

Implement email filtering system

Emails are a big threat to cyber security. An email can purport to be from a genuine company but have fake credentials, could have been compromised by a hacker or have malicious attachments. 

 Downloading such emails could give a virus access to your computer. It is advisable to prevent programs from being run inside email attachments without permission. Email filtering system features are available with some Microsoft products but you may need to ensure these are turned on.  

Read the full issue here 

DISCLAIMER: All the information published in the Property eSpeaking, Commercial eSpeaking, Trust eSpeaking, Rural eSpeaking, and Fineprint newsletters is true and accurate to the best of the authors’ knowledge. It should not be a substitute for legal advice. No liability is assumed by the authors or publisher for losses suffered by any person or organisation relying directly or indirectly on this article. Views expressed are those of individual authors, and do not necessarily reflect the view of this firm. Articles appearing in Property eSpeaking, Commercial eSpeaking, Trust eSpeaking, and Fineprint may be reproduced with prior approval from the editor and credit given to the source. Copyright, NZ LAW Limited, 2019. Editor: Adrienne Olsen. E-mail: [email protected]. Ph: 029 286 3650 or 04 496 5513.

Cyber security 101 for business