Ultimate IT Security guide for small business
In our ultimate IT security guide for small business we go through all the things you will need to know about, questions you will need to ask your IT provider, and questions your IT provider will ask you.
It doesn’t matter if you own a small accountancy firm, or if you manage a wedding supplies business. Security is the base for a strong business platform, where you can implement trust and a solid relationship with your clients.
We have created this IT security guide from our experiences with clients around the UK over the years. Along with a range of other IT solutions, making sure that you have safe and secure networks is vital.
Our IT Security guide has advice from our IT team on how to select and purchase the best IT security products and solutions for your business needs and budget.
Make a cup of tea and get comfortable. This IT security guide includes everything. You may even want to bookmark it for future reference!
Important questions you will be asked by your IT Security provider
- What type of service do you provide?
- How many users do you have?
- What are the sites that you would like to protect including cloud?
- Do you utilise Virtual Machines (VMs)?
- How many servers do you have currently?
- Will you need your own server?
- How many firewalls do you have in total?
- What applications do you use?
- Which vendors are you interested in?
Inspect possible vulnerabilities in your web application, for example by looking for the OWASP (Open Web Application Security Project) list of Top 10 security risks to web applications.
Have a properly configured firewall through a dedicated resource
Apply up-to-date patches on everything, including staff devices
Whitelist only the IPs and the devices who should have legitimate access
Take advantage of SaaS-based security services, which are usually more cost-effective
Use secure cloud-based applications
Get a bespoke VPN (virtual private network) so any remote access is secure
Implement a disaster recovery framework that can take over in case of any possible attack
Define Policies and Permission for all the users on all the resources and the equipment.
Access controls, so that employees only have access to information they need
Read our ultimate Firewall guide for your business for an in depth look at firewall security.
Activate passwords and encryption software
You should set passwords on all the devices in your business, and strengthen it by using an encryption software, such as Bitlocker for Windows, for example. By doing this you’ll add an extra layer of protection to your network to avoid unwanted users.
Enable 2FA when possible
If you have some important and vital access that you want to protect, an excellent way to do so is by activating the Two Factor Authentication (2FA). This will require another way to prove your identity, and you can set your phone number or email to check it. This doesn’t have to be added to all of the accounts, but the important ones with admin priveleges must be protected correctly.
Don’t use default passwords
This is a common mistake that several people may do, and it is keeping the default password for their devices. The problem is that most of these passwords are available in the manual by the manufacturer, or they are shared on the internet. We recommend changing all the default passwords to a more complex one before sharing the access with your staff. And also run regular scans to check if there is a default password missed.
Use passwords managers
It is not easy for you or your staff to remember all the passwords, not just their personal ones, but also the business ones. That’s why we recommend to use password managers. Password managers are an excellent option to keep your passwords at hand and secure. LastPass is an excellent free option we approve, as well as 1Password with great features and reasonable pricing.
Don’t use predictable passwords
Encourage your staff to stop using simple passwords, and ask them to use more complex ones that no one will be able to guess. IT professionals recommend a short story or situation as a password instead of some random numbers or words. In a short story like “TheCaTstronautLoves3Pizzasaday” We recommend you to avoid stuff related to you or your business, the idea is that no one guesses it, not even someone who knows you.
Avoid having unsecured internet connections
With staff working from home or on the go making sure everyone is using secure internet connections is important. Especially when handling sensitive business data.
Enable the tracker device on your company devices
This doesn’t happen a lot, but it is a situation you may face. What happens if someone steals your phone or tablet? In most cases we can leave it like that and buy a new one, but what if the device had important information?
If you run a small business, let’s say you own a small accountancy firm with 5 employees, your main priority would be restricting the access to vital data to a few staff and create a backup of it. This way less people will manage critical information.
Then you can focus on other tasks as implementing encryption and setting up antivirus, which are equially important. With a small budget of £350 you can start running this kind of plan.
IT Security Solutions
IT services for small business. Have questions or need help? Use the form to reach out and we will be in touch with you as quickly as possible.
"We have been very impressed by the professionalism of HelpDesk Heroes and their dedication to our company. Upon purchasing their services, we were presented with a plan tailored to our structure and needs which includes an overseas office. To this day, HelpDesk Heroes has never let us down and, despite our constantly changing needs, we feel supported and cared for by our dedicated HelpDesk Heroes team, especially Josh and Jackye."
Rylan Peters & Small Publishing
"Having been happily looked after by one of HelpDesk Heroes’ founders Jackye for over ten years, it only made sense to follow when we heard the news of their new company – we wouldn’t go anywhere else! I would gladly recommend their IT support services. They are extremely flexible with our team, our enquiries and always respond in no time if we do have an urgent problem. They understand our core needs almost as if they are a part of the team itself so continue to improve and enhance the way we work and function. It has been refreshing to have the IT support and solutions thought about overall and not just ‘patched’ when things have gone wrong."
Big Al’s Creative Emporium Advertising Agency