3 Common Small Business Cybersecurity Mistakes Tips to Avoid Them

Emma Middleton
CMO, ProtectBox
Apr 20th, 2022

Owning a business is challenging enough when things are running smoothly, but matters can only get worse when companies fall prey to cybercrime. There are the legal fees, recovery costs, operational disruption, and tarnished reputation — to name a few of the negative effects of cybercrime — and there’s the risk of going out of business altogether.

To protect your small- to mid-size business from common cybersecurity threats like phishing, ransomware, malware attacks, social engineering, and data theft, it’s important to familiarize yourself with the mistakes that could increase your risk of becoming a victim of cybercrime. ProtectBox shares three commonly made mistakes in the sections below and offers some tips for avoiding them.

1. Using Outdated Software

Using unpatched or outdated software may seem harmless enough, but it greatly increases your risk of falling prey to cybercrime. Without the latest security patches and updates to protect your devices, cybercriminals can access your data and devices much more easily. Keeping your software updated, however, protects you from potential attackers.

Though many software developers issue security updates and patches as software vulnerabilities become known, these updates can only protect you and your business if you’re regularly installing them. Updates are sometimes automatically installed, while others need to be checked for and installed manually.

To protect your business from security threats, aim to manually check for updates at least once per week and ask your staff to do the same. It’s also important to regularly restart your computer, as many automatic updates will only occur after a manual restart.

2. Overlooking the Importance of Cybersecurity Training

In addition to using outdated software, failing to train employees about cybersecurity awareness is another mistake that’s commonly made by business owners. The more your employees know about cybersecurity, the safer and more protected your company will be from cyberattacks. As such, it’s best to train your employees on the following cybersecurity topics:

  • Data protection and data incident reporting
  • Password protection
  • Safe software installations
  • Email and internet safety
  • Social engineering

The National Cyber Security Centre (NCSC) offers a free online training course for workers, covering topics such as incident reporting and phishing prevention. This course can either be completed online or incorporated into your company’s cybersecurity training program.

3. Faulty Password Protection

Passwords are only effective for protecting your devices, websites, email accounts, and apps if they’re strong, secure, and private. And according to SmallBizClub, many internet users are securing their systems with at least one compromised word and number combination like “123456”, “password”, “qwerty”, and “abc123”.

To protect your passwords, computer systems, and sensitive business data, it’s important to keep several password best practices in mind. Start by establishing a password policy for all employees to follow, setting up two-factor authentications wherever possible, and using a password manager to keep track of everything.

It’s also wise to password protect any files, folders, and presentations that contain sensitive information — even your portable document formats (PDFs). PDFs are more secure than Word, PowerPoint, and Excel files, but because they’re easy to share and collaborate on, they’re still vulnerable to security threats. Lance Whitney of PCMag shares some tips for password-protecting a PDF.

As another cybersecurity rule, it’s important to convert your Word, PowerPoint, and Excel files to PDFs before sharing them with others. Try using an online tool to convert files ending in DOC, XLS, or PPT to PDF, as this will make the file more secure and prevent other people from making changes to the document’s format and layout. You’ll also be able to password protect the document if you wish to do so.

ProtectBox Can Help

Now that you’re familiar with these three common cybersecurity mistakes, it’s time to protect your small business. And while shopping around for the right cybersecurity solutions can feel overwhelming when you have so much to do but no idea where to start, ProtectBox can help. Register for your free account today and start shopping around for the best cybersecurity software your hard-earned money can buy!

  • Our platform’s adaptability to a sustainability marketplace discussed here could halve the internet’s GHG emissions. Using our new Partner API described here (with our first application for Oracle Cloud shown below) we can roll this out further across health, agriculture and beyond …. in 1-2 years with sufficient support from the likes of the Earthshot Prize (which we’ve been nominated for) this could reduce 15% of GHG emissions