Many cyber security incidents can be prevented by applying basic computer security practices, controls and software programs.
Here are the minimum steps you need to take to improve your cyber resilience.
Keep your business computer for business use only
If the computer you use for business is shared with family members or used for social media, playing games, watching videos and downloading music, there’s a higher chance of it being exposed to malicious software. Even with separate logins, there is still the possibility that another user of the computer may unintentionally download a virus or malicious software to the computer itself, which can affect your business information. It is good practice to have a dedicated computer for business use.
Always keep your operating system and applications up to date
An Operating System (OS) manages all the software and hardware on a computer system. The most common types of OS are Microsoft’s Windows platform or Apple’s Mac OS X. It’s good practice to upgrade your operating system when new versions become available. This is because the OS upgrades include enhanced security features and bug fixes.
Security vulnerabilities and bugs are emerging all the time. You can set up automatic updates and installations of the latest updates to keep your operating system protected.
Find out more about keeping your operating systems, applications and internet browsers up to date by reading How to protect your business from cyber security threats.
Install a firewall to block unwelcome access
A firewall is a protective security system that monitors and manages traffic between your computer network and the internet. It filters traffic types that can reach your network based on a set of defined security rules. If incoming traffic breaches a security rule, that traffic will be blocked from reaching your network.
Keep your anti-virus and malware protection up to date
Anti-virus software is a tool to protect your computer or network from cyber security threats. Cyber security threats include malware being installed on your network. If a threat is detected, you receive an alert along with the recommended action you need to take.
Operating systems offer inbuilt anti-virus and malware protection. The key to staying protected is to install updates as soon as they are available.
Protect your data with encryption
Encryption software protects your data by disguising it in a code that unauthorised people can’t view, even if they have physical access it. Search the support pages of Microsoft or Apple security to find out how to turn on encryption for data security.
Keep passwords strong and secured
Always have unique strong passwords for all your online accounts and logins. Never share passwords amongst business colleagues or family.
Set up two factor authorisation (2FA)
Over and above using strong passwords, add an additional layer of security by choosing 2FA. This is particularly important if you have staff accessing your systems remotely. Secure apps such as internet banking with 2FA.
For more information, check out 6 simple ways to protect your passwords.
Uninstall programs that are not used
Get into the practice of checking what programs are installed on your systems. Uninstall any software program that you don’t need as you may be unnecessarily opening yourself up to security vulnerabilities.
Also, by getting familiar with the programs that you expect to see, any unwelcome or malicious programs will stand out.
Be vigilant on access management
Employees in your business should have their own login credentials to business systems.
Remove administration rights from computers that don’t need it.
Don’t browse the internet using an administration account. This prevents the entire network from becoming infected if a compromised website is visited.
Ask your IT provider if they have remote access to your systems and what security controls they have in place.
Ask your IT provider if they use different passwords for each of their customers’ sites.
Back up your data regularly
If your system is compromised, you’re at risk of losing all your business data. Make sure you back up your data regularly. To find out how read the article How to store your business data securely.
For more information about basic computer security
Australian Signals Directorate (ASD) > Strategies to mitigate cyber security incidents
Australian Cybercrime Online Reporting Network (ACORN) > Protect and Prevent
Australian Cyber Security Centre (ACSC) > Report a Cyber Security Incident
Australian Competition & Consumer Commission > Scamwatch
Stay Smart Online > Protect your business
Information, resources and tools
Australian Government | Stay Smart Online
Stay Smart Online provides topical, relevant and timely information on how home internet users and small businesses can protect themselves from, and reduce the risk of, cyber security threats such as software vulnerabilities, online scams, malicious activities, and risky online behaviours.
Australian Government | Australian Cyber Security Centre
The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location. It is the hub for private and public sector collaboration and information-sharing to combat cyber security threats.
An Australian Government initiative | Australian Cybercrime Online Reporting Network (ACORN)
ACORN is a secure reporting and referral service for cyber crime and online incidents which may be in breach of Australian law. The ACORN website provides a cyber crime reporting mechanism as well as helpful information about cyber crime.
Australian Competition and Consumer Commission | Scamwatch
Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams using publications, videos and other online resources.
Australian Government | Office of the eSafety Commissioner
The Office of the eSafety Commissioner provides online safety education for Australian children and young people, a complaints service for young Australians who experience serious cyberbullying, and address illegal online content.
Australian Government | Attorney-General’s Department
The Attorney-General’s Department website provides helpful information and resources about your rights and protections in regards to identity security, freedom of information and cyber security. The Department has developed a range of resources to assist people protect their identity and recover from the effects of identity crime.
National Australia Bank Limited. ABN 12 004 044 937 AFSL and Australian Credit Licence 230686. MLC Limited uses the MLC brand under licence. MLC Limited is a part of the Nippon Life Insurance Group and not part of the NAB Group of Companies. The information contained in this article is intended to be of a general nature only. Any advice contained in this article has been prepared without taking into account your objectives, financial situation or needs. Before acting on any advice on this website, NAB recommends that you consider whether it is appropriate for your circumstances.
Any information provided by the author detailed above is separate and external to our business and our Licensee. Neither our business nor our Licensee takes any responsibility for any action or any service provided by the author.
Any links have been provided with permission for information purposes only and will take you to external websites, which are not connected to our company in any way. Note: Our company does not endorse and is not responsible for the accuracy of the contents/information contained within the linked site(s) accessible from this page.