Cyber Security Quick Wins For SMEs

Published on 22 December 2021

Now more than ever, SMEs need to protect themselves from cyber-attacks. According to the Cyber Security Breaches survey for 2021, 39% of businesses identified a cyber security breach or attack in the past year. Of the affected businesses, 1 in 5 lost money, data, as well as other assets. While it’s more likely that a larger business will be the target of a cyber attack, they also have the resources to invest more in their cyber security, which means many SMEs leave themselves vulnerable.

There are many ways in which a business can safeguard itself against security threats, for example, getting Cyber Essentials accredited. However, there are many other ways for your business to gain quick cyber security wins right now. Here are three simple but effective ways you can protect your business from the latest cyber security threats.

3 Quick Cyber Security Wins for Your Business


Using strong passwords is one of the best ways for you to protect your business from cyber attacks. The National Cyber Security Centre discusses the risks associated with low-quality passwords and why people often resort to using the same password for multiple logins. Put simply, however, without strong password hygiene, you and your employees increase the risk of a cyber breach occurring.

If you use the same password to access your work emails as well as a social media account, and your social media account is breached, you run the risk of the cyber criminal gaining access to your sensitive work data too. This should be especially concerning if you’re running a BYOD (bring your own device) strategy within your organisation.

Two quick ways to solve this are:

 Multi-Factor Authentication (MFA).

o   MFA means that you and your employees will need to ‘verify’ themselves when they log in. This could be a code sent to the person trying to log in’s phone that must be entered to gain access to the account.

  • This does two things:
  • Increases the security on that account by using another form of authentication to confirm you are who you say you are.
  • Notifies you of an unknown person trying to access your account, this is a chance for you to change that password as it has now been compromised.

 Password Manager

o   It can be difficult to remember so many unique passwords for each account you have, that is where a Password Manager comes in handy. A Password Manager is essentially a vault that stores all your passwords and login details, so all you need to remember is a single strong password to gain access to it.

o   If you are interested in using a Password Manager Bluebell IT Solutions recommends LastPass, alternatively, you can read this article by TechRadar to find the best fit for your organisation.


Software Updates

Everyone has been there; it’s the end of a long workday and just as you’re about to shut down your computer you get a notification asking you to update your software. There is no way of knowing how long the update will take, so you hit ‘Remind me later’, again and again. But these updates are important.

Software companies, like Microsoft and Apple, are not sending out these updates for no reason, they serve an important role in protecting your data from cyber security attacks. Software companies are continuously on the lookout for small gaps in their software that could leave you vulnerable to a cyber breach or attack. Once they develop a solution to a discovered problem, the fix is delivered to you in the form of an update for you to install. That’s why hitting ‘Remind me later’ consistently, may cause more hassle in the long run.

Installing updates is a quick and easy way to reinforce your cyber security right now, all you need to do is get everyone in your office to update all the devices they use to access work data. Following that, you can set your device and software to update automatically across all staff devices to avoid this in the future. Device Management applications are available that give you centralised control, such as Microsoft Intune or Windows Server Update Services, which allow you to see which devices are compliant with the latest updates and force updates on key devices.


Defending your Network Perimeter

Defending your network perimeter involves ensuring you have and use a firewall to protect your internet connection. A firewall will look at any data coming into your computer, phone, or laptop from the internet and make sure it is safe to access. Think of it as the doorman of your network. Without a firewall, you’re leaving your network open to viruses that have been unknowingly downloaded from the internet when trying to access a service.

Many computers already come with some kind of firewall installed. Here is a quick way to check if your computer has one:

 Select ‘Start’

 Select ‘Settings’

 Select ‘Update & Security’

 Select ‘Windows Security’ (in the side column)

 Selected ‘Firewall & Network protection’

 All the Firewall options should be turned on.

Phishing attacks accounted for 83% of all cyber-attacks in 2021. The reason phishing is the most common and most successful comes down to human error, something that can happen to anyone. Staff lacking security awareness training is one of the most common ways a business experiences cyber security breaches as they’re often liable to fall for phishing attacks. It’s important that you regularly educate your staff on the latest cyber security processes to ensure your business is equipped to spot a phishing attack and avoid it.

These 3 quick cyber security wins should be helpful and easy to implement into your business. However, please remember that the above are not fix-alls for your cyber security, you need a comprehensive strategy before you can for full peace of mind. 

Getting Cyber Essentials accredited is an excellent place to start safeguarding your business. For help becoming accredited, book a meeting with someone from our friendly team below or call us on 01908 044 202.  

Cyber Security shield

Contact us!

Recent Posts

Our Resources