5 Essential Security Checks Every Small Business should follow

With these simple checks, you can protect your business and keep your assets safe.

image of padlocks, credit cards and computer

It’s National Cyber Security Awareness Month and so we thought we would encourage you (and ourselves too) to check a few simple areas to tighten up your security. These five essential checks could really keep your small business and your assets safe, so read on and take action today.

We all understand the importance of having good security and fear having a breach of your security and all that entails, causing no end of problems for months well after the initial incident. With cyber security attacks on the increase; fraudsters are specifically targeting small businesses who have less time, resources and knowledge that might help us reduce these risks.   Since covid, the level of risk has increased with the shift to working from home and lower defences on home tech and firewalls.

So whilst we might all have lapsed a little, now is the time to review what you have in place and make the necessary steps to improve your security.


Creating strong passwords are crucial. Make it unique, longer (at least 8 characters), a capital letter, a number, a special character … the list goes on. It’s worth changing them regularly and also keeping a safe space to record your passwords, such as with a password manager, for when the inevitable lapse of memory occurs.

Added security

Add two-factor authentication to your social and Google accounts, for that extra protection.   It’s really simple and we recommend downloading Google Authenticator on your phone for this too.

Keep Updated

Keep your computer, phone and website up to date.   The latest updates have essential protection to keep your equipment safe and stay ahead of the fraudsters latest scams and viruses. The same goes for apps, especially banking apps, which not only offer new features but close security issues.


Does your web address include https?   This little ‘s’ denotes the added encryption to protect your site between the server and browser. Talk to your web developer to get this fixed.

Staff Training

An e-safety booklet might be furthest from your thoughts when you recruit but taking the time to go through training and share this document with your team is essential.  It covers internet use and good practices to stay safe. Share the latest phishing scams and regularly remind your team about common signs to look out for, such as dodgy links on emails, to avoid becoming a victim.

Additional Resources

Find some more practical tips for Small Businesses from the National Cyber Security Centre here.

Where your business holds customer data, you might consider getting the Cyber Essentials mark to reassure clients and show that you regularly review your security.   It’s a great Government backed scheme one of our clients has achieved already.

For more help getting all your documentation in order, this guide by FSB has everything you need and is even marked up for “Required” compared to “Recommended” so you can prioritise which you address first. One ‘Required’ is registering with the Information Commission.   Even if you don’t have a fancy CRM or even keep sensitive details, to be compliant you will need to register that you have and safely store your customer details.  It always surprises us, how many clients didn’t even know about this.

Having a breach could be just as much bad luck, although knowing you have done some simple tasks to reduce the risk and allow you to focus on growing your business makes it worthwhile. Don’t forget to repeat it again, regularly.

Leave a Reply