Vodafone: how SMEs can protect themselves from cyberthreats
Since the outbreak of COVID-19, businesses have faced increased cyber attacks. In the report Vodafone details how smaller businesses have been protecting themselves from threats in order to maintain their longstanding relationships with their customers.
Speaking with one of its small business clients OLIO - a growing online business which connects neighbours and local businesses to share surplus food - he company explains how it is critical that its users trust that they keep their data safe.
“The security of our systems, and therefore our users, is always at the front of mind,” commented Lloyd Watkin, OLIO’s principal engineer. The consequence of an attack for OLIO could result in the theft of sensitive customer or business data, disruption to work, loss of customer trust, and consequent damage to commercial relationships and reputations.
“During the lockdown we’ve seen an increase in ‘amateur’ attacks, like simple poking of our APIs [application programming interfaces] and systems,” added Watkin.
Across the UK, Vodafone has seen an increase in certain types of online security threats including malware, phishing and ransomware.
“We’re fairly fortunate at OLIO in that we don’t currently store any particularly sensitive data about our users, nor do we have any payments set-up,” commented Mr Watkin. “Therefore, as a target we are quite small. But that doesn’t mean security isn’t very important.”
Good security practices
“Small and medium-sized businesses can implement good security practices to keep themselves – and their all-important data – safe,” commented Vodafone.
“As standard, we have firewalls turned on and locked down security access lists for our servers,” commented Mr Watkin.
With many employees handling sensitive data remotely Vodafone highlights that, a robust password routine which has multi-factor authentication for accessing cloud services, in action to using Virtual Private Networks (VPN) companies and keep their systems and information secure.
“Protecting mobile devices is also important, especially with more employees working from home. Mobile security software, such as , can secure devices against phishing and other threats,” adds Vodafone.
With cyber criminal tactics continuously evolving, Vodafone details that there are ways that IT teams at smaller businesses can keep ahead of the latest threats.
At OLIO the company’s servers are automatically patched for security issues to ensure that the system is continuously up to date. In addition the company receives notices about software vulnerabilities and proactively monitors its systems.
“We’ve signed up to standard Common Vulnerabilities and Exposures (CVEs) alerts,” commented Mr Watkin. “We also run AWS [Amazon Web Services] tools that keep an eye on our traffic and highlight anything out of the ordinary.”
Vodafone also highlighted that it’s even more important to keep up-to-date as business changes result in more and more operations move online, which results in new security challenges.
“We lean heavily on automated tools and checks to ensure that we aren’t introducing any software that could put our customer data at risk, as well as code reviews that include an aspect of security checking,” added Mr Watkin.
“OLIO has a robust security programme in place. But as a fast-growing business, the only way it – and other SMBs – can stay secure is to stay vigilant,” concludes Vodafone.