SME survival guide: How to keep your employees safe online

Managing Director

Fav thing about the office

Good banter

As a child I wanted to be a ... when I grew up

Plumber/Electrician

Guilty Pleasure(s)

Strictly come dancing

Favourite Holiday

Crete

If I had a superpower it would be...

Mind Reading

Describe yourself in three words or less

Methodical, Energetic, Reliable

An interesting fact about me

Started “Work” life as an opera singer

Likes

Horse riding, fillet steak and a good curry

Favourite Band

…into Classical Music

Karaoke Jam

Desperado- The Eagles

What I do at Q2Q:

My role is to provide the overall direction and “eye on the compass” as to where we, as a team, are heading.

I’m still very much focused on the customer and will often get involved in customer solution discussions. As a techie at heart, I’m regularly seeking to understand industry developments and directional changes that may affect our customers, so we and our customers can remain on the front foot.

Background and Achievements

I started out in an I.T technical department of what was then British Rail, following which I joined a large construction company to re-organise their I.T infrastructure.

I then spent a couple of years as a business systems analyst at P&O Nedlloyd designing, developing and implementing systems within their Bulk and Tank Carrier companies.

In 1999 I was appointed as I.T Manager of SockShop and subsequently as of Head of I.T. at the Tulchan Group, comprising then of 300 stores. Due to a Year 2000 compliance issue, we were required to seek an alternative system, which we were able to more cost effectively write ourselves. This product subsequently became known as RAWHIDE and we later sold this product into a number of other businesses. At the time it was quite cutting edge as all the warehouse function was undertaken using handheld, wireless scanners, rather than the batch scanners that were dominant at the time.

In 2003 The Tulchan Group was acquired by Harris Watson. We were then asked to take responsibility for the I.T. of Viyella Ladies wear and in 2004 the demands of two MD’s and two FD’s (Tulchan Group + Viyella), resulted in the sensible decision to break out of the group and Q2Q was born. This then enabled us to also get involved with a number of other group companies (Harris Watson owned companies) as well as other non-group parties.  At one stage we were managing the I.T for almost 500 stores across a number of businesses.

Today Q2Q retains some of the group customers that we acquired along the way, as well as a substantial number of new and diverse customers in almost all industries including accounting, business development organisations, legal marketing, medical, retail and wholesale.

Hobbies and Interests

Horse riding, running (Jogging), motorbikes, reading any of the Detective Rebus stories.

As a business owner, keeping your employees safe online sounds like it should be easy, but with the increasingly sophisticated hacking tactics of cyber-criminals, this sadly isn’t the truth – in most cases at least.

Despite the majority of threats originating from outside an organisation, all too often actual cyber-security incidents emerge due to the actions of someone much closer to the office – an employee.

There’s no hiding from the fact that 2018 was replete with cyber-attacks and data theft – with at least one breach appearing in the news each month, and it’s important to be aware that sadly, this trend is likely to continue in a similar vein throughout 2019.

In fact, it was only last week that one of the biggest data breaches in history was recorded – with 772 million email addresses and 22 million passwords having been leaked at once. So, how can SMEs ensure their staff – and systems – remain safe? Well, if you’re unsure, the following tips are a useful place to start…

Education is key

Forget the saying that “ignorance is bliss”, because when it comes to IT, it isn’t. To greatly reduce your SME’s risk of being intercepted by cyber-criminals, it’s your job to ensure that your colleagues know about the ­­­­threats that are out there.

As well as having up-to-date cyber-security measures in place, holding regular refresher sessions with your team – which recap cyber-security and use real-world examples of attacks on businesses – is another of the most efficient and successful way to achieve a strong resistance to cyber-threats. It’s only by contextualising threats and their consequences on a frequent basis, that staff will truly understand the part they play in the bigger security picture.

Informative Q&A sessions are an effective way of engaging your employees, but this alone isn’t enough. Training courses are another branch of awareness which should be explored by SMEs looking to effectively safeguard their people and their computers against external threats, such as fake URLs, phishing emails and other spam correspondence.

Password recap

We’ve all heard that passwords need to be a mix of lower and upper-case letters, numbers and symbols, to be less susceptible to hackers – but how many of your employees actually adhere to this guidance?

As a rule of thumb, passwords should be long – at least 10 characters – and they shouldn’t contain common words or phrases found in the dictionary. That means the old favourite ‘password 123’ is a no-go. To ensure employees take this seriously, your SME needs to have a strict password policy in place, as this is an easy-to-implement measure against unauthorised users gaining access to your company’s critical data.

Another useful way of keeping your passwords out of the grasps of cyber-thieves is to set an auto-reset reminder once every month or two. Employees who regularly change their credentials leave less time for hackers to be able to access systems and given that 80% of all cyber-attacks involve a weak or stolen password, this is key! Also, it’s a good idea not to use the same password across multiple sites, as this increases your data’s vulnerability.

Device defence

In the age of flexible working, not all employees will be stationed at a desk five days a week, so it’s pivotal that all devices – mobile phones, laptops, tablets etc. – have the relevant protection measures. 

Where possible, it’s best to avoid free, public Wi-Fi hotspots, because they don’t guarantee a safe connection. A much better and more secure alternative is to use a Virtual Private Network (VPN). A VPN provides an end-to-end encrypted connection between your company network and the location where the remote worker is situated. This tunnelled connection cannot be broken by third-party sources, thus adding an extra layer of protection when your employees are out and about.

As well as the measures outlined above, ensuring someone is monitoring your systems at all times is a sure-fire way to keep on top of any cases of unauthorised access – nipping them in the bud before they have chance to escalate into a detrimental breach.

If you’d like to find out more about our managed IT services, feel free to chat with one of our lovely team members on 01524 581690, or send us a message.

SME survival guide: How to keep your employees safe online