📋You need a cybersecurity checklist✅

To protect your business from malicious actors, you don’t need expensive software and hardware, a huge IT department, or an outsourced team of cyber hawks watching over your every move.

All you need is a little patience, a little common sense, and a little effort.

While I can’t help you with the first two things, I can definitely assist with the third. Below you will find a short checklist that you can go through and make sure you’re safe.

I call it - Hack Off!

You can print it and put it on your desk because, you know, out of sight - out of mind. You can also use the Sheets version with checkboxes to make things even easier.

Here we go:

1. Strengthen Passwords

☐ Are you using a strong, unique password for all your accounts? Same, simple passwords across accounts means trouble!
☐ Did you enable two-factor authentication (2FA) everywhere? Google Authenticator is free!

2. Update Everything

☐ Did you update your software, devices, and apps? Software bugs lead to all sorts of exploits!
☐ Don’t forget to turn on automatic updates when possible, or use a patch manager. There are plenty of options out there.

3. Backup Your Data

☐ Did you save important data to a secure location (Google Drive or Dropbox are both good options. An external drive will also suffice, if internet access isn’t necessary).
☐ Test your backups at least once a month to make sure they work. Backups can get corrupted from time to time.

4. Stay Phish-Free

☐ Do you get all sorts of emails with links and attachments? Be wary and don’t click on anything in a hurry!
☐ Did you verify unexpected requests for money or information before doing anything?

5. Secure Your Network

☐ Do you use a strong Wi-Fi password? How often do you use public networks for work? (hint: the correct answer is: never).
☐ Did you enable your router's firewall?

6. Protect Your Website

☐ Are you using HTTPS with an SSL certificate for your site?
☐ When did you last update your website software and plugins? I’ll take a wild guess and say your site is built with WordPress. Did you know that plugins are regularly exploited to take over websites?

7. Monitor for Suspicious Activity

☐ Are you watching for unknown logins or unusual account activity? While this might be a stretch for micro businesses, it is one of the best ways to spot and stop intrusions.
☐ Did you set up alerts for critical accounts?

Go get ‘em, tiger

Try and go through this checklist at least once a fortnight. I would particularly pay attention to passwords (it would be wise to update them at least once every three months), patching (do this as soon as a patch is available, and backups. 

That’s it from me this week. Next time we’ll discuss the most common types of cyberattack you might face.

• Sead from SmallBiz CyberWiz