T H March asks “Are you cyber-safe?”

Your reputation has taken years to build and in this digital age news, good and bad, spreads rapidly. It can take minutes to cause lasting damage to a business… Are you Cyber-Safe?

The technological advances we have witnessed in recent years along with the exponential growth of the internet in this so-called ‘digital era’ far out-strips anything that could have been imagined just a decade ago.

And whilst it is true that the internet has brought forth a multitude of benefits to all business sectors, including the jewellery trade, by lowering barriers to trade and allowing people across the globe to communicate (research, buy, advertise, sell) as never before, we must be aware that such opportunities will to some extent increase vulnerability as our growing dependence on cyberspace opens up our lives to new risks.

The systems on which we now rely so heavily, including personal mobile devices and USB sticks and the information those systems contain, often customer data, credit card and bank details, sensitive company information and much more besides, can be compromised, damaged or indeed stolen.

So, whilst it is clearly vital that we continue to fully embrace the benefits of the digital age, we must be aware too of the need to maintain our ‘cyber security’.

Quite simply this means thinking carefully about protecting all your computer based systems and the information stored within from threats, both internal and external.

Many businesses, particularly smaller ones, still don’t have in place an internet security policy for employees and many others have never even had their computer systems tested to ensure that they are protected from threat. Does that describe you?

The widespread belief that small businesses are unlikely targets for cyber attack is naive to say the least when in fact the idea of a perceived ‘soft target’ often proves to be a strong attraction to criminals. A recent study by the global software security firm Symantec found that 40 per cent of attacks are against organisations with fewer than 500 employees.

In a survey carried out by the Department for Business, Innovation and Skills (BIS) last year it was discovered that 36 per cent of the worst cyber security breaches in 2012 were caused by inadvertent human error. The BIS survey also found that the vast majority of small businesses believe that cyber security should be a high priority.

Here are some simple steps you can take to protect your business:
1. Staff training is essential because all your employees should be aware of the possibility of cyber security risks. This may mean bringing in outside help, but it will be money well spent.
2. Install, use and regularly update your antivirus and antispyware software on every computer used in your business. This is a sensible precaution for home computers too.
3. Use an internet firewall for your connection.
4. Download and install software updates for your operating systems and applications as and when they become available.
5. Always make back-up copies of important business data and information. For jewellers this of course includes security video too.
6. Control physical access to your computers and make certain that you know who has access and when. If there is ever a breach this knowledge will help to establish who, if anyone within your organisation, was involved.
7. Make sure that your Wi-Fi network is secure. In your business premises, make sure the Wifi is secure and hidden.
8. Set up password-protected user accounts for each employee and make sure that these are not ‘shared’.
9. Give your employees access to data and information strictly on a ‘need to know’ basis.
10. If you don’t have a dedicated IT department within the organisation, strictly limit the authority to install software onto your systems.
11. Regularly change your passwords.
12. Speak to your insurance broker about arranging cover to protect you and your business against
cyber threats. Don’t simply assume that you are already adequately covered.

It’s not going to go away any time soon and realistically most of us wouldn’t want it to. The internet has changed the business and communication landscape forever and mostly in a good way but like all great inventions it is best treated with respect and a little caution.

A claim scenario following a card processing system being hacked might look like this:
• The costs of forensic experts to find what data was stolen.
• The costs of notifying the (sometimes vast numbers of) individuals whose data has been stolen.
• The costs of credit monitoring for the affected individuals to make sure they suffer no ongoing
losses after the breach.
• The costs of PR to mitigate the reputational damage to the business after the breach.
• The costs of a breach coach to prepare the business for investigation.
• The professional representation costs for the investigation by the payment card industry.
• Legal representation and defence costs for any legal action that was brought.

Equip Yourself with Some Knowledge
There is a huge amount of advice and assistance available on the subject of cyber security, rather ironically, much of it is easily accessed via the internet. The following websites are a good place to start looking (if you haven’t already!)
https://www.getsafeonline.org/businesses
http://ico.org.uk/for_organisations
https://www.gov.uk/government/policies/keeping-the-uk-safe-in-cyberspace
http://www.fsb.org.uk