Cyber security quiz
If your business was subject to a ransomware attack, would you pay the demand?
- Yes, I need my business back online ASAP.
- No, I can safely restore my data to a new device from the cloud.
- Yes, but I’d then look into ways to protect my business from future attacks.
- I don’t think it would happen. My business is too small for attacks.
While paying the demand might get your data back, it’s only a temporary solution and once a business is hacked, they usually experience ongoing issues. As the saying goes: prevention is better than cure. If your system has been infected, you’ll need a complete rebuild of the operating system and restoration of information from a secure backup.
To protect your business, do you have antivirus software installed?
- Yes, my computer came with it pre-installed.
- Yes, I purchased antivirus software when I purchased my computer.
- No, I don’t need it – I have a Mac.
- No, I use in-built protection.
Increased adoption of the cloud and mobile connectivity has raised new challenges for SMBs. Broadly, endpoint protection like McAfee Endpoint Protection Essential for SMB is the standard for small-to-medium businesses, and its variants generally include cloud management, antivirus, anti-spyware, endpoint firewall, and web control.
Do you have antivirus installed on your mobile devices like your tablet and phone?
- I don’t need anything for my phone.
- My main computer has protection – that’s adequate.
- Yes, I have additional endpoint protection.
- In a way. I have a data management program so I can erase my data remotely if needed.
This approach when combined with a mobile device management tool – a product which restricts the features of the smartphone or tablet to stop, for example, the installation of an app that might be infected – is a robust duo. If you make the decision to adopt neither of these options, dedicated antivirus on your devices should be the bare minimum.
Are you aware of your requirements to report data breaches under the Federal Government’s Privacy Act 2018?
Office of the Australian Information Commissioner paints a picture that all SMBs need to see. A year into one of the key functions of the Act, the country’s notifiable data breach scheme, the office has received 812 reports where consumer data has been lost, stolen or shared with the wrong people. Almost half, 47 per cent, have involved financial details. The most common causes of breaches are malicious attacks, human error, and system faults. All organisations covered by the act must log a report when a data breach might cause harm.The latest report from the
- This only applies to businesses bigger than mine.
- No. What legislation?
- I’m aware of it but I’m unsure of my specific obligations.
- Yes, and I have systems in place that safeguard my data.
Are your employees’ devices protected?
- Yes, they are supplied equipment with integrated protection.
- I don’t know, they use their own personal devices at work.
- They don’t work on the main server, so I don’t think they need it.
- Yes, they all have endpoint protection on the devices they use to interact with the business.
You can take it one step further with additional security. Features like containerisation (putting a wall between an employee’s work and personal usage), remote wipe (to erase sensitive data if the device is compromised or a device is lost), anti-spam products (for text or call spam), and sim monitoring products (which can alert you to smartphone or device in the wrong hands), might be the extra help you need.
Do you have email and internet browser security add-ons installed?
- Yes. I use whitelists, prefilters, and password agents.
- I don’t think so. But I do keep my passwords safe and regularly change them.
- No. But I’m aware of the fact that browser settings can help block 3rd party cookies.
- No. I think my passwords are enough.
What is your practice when it comes to scanning for malware and viruses?
Matthew Wilson, CEO of Australian cybersecurity specialist Penten, says: "Installing security updates is the number one control that needs to be in place for organisations, as it will neutralise many of the threats that you face. Malware only works because there’s a vulnerability in the software, and often it’s a published vulnerability which has already been fixed in the latest update. Attackers are simply relying on the fact that many businesses fail to install these updates."Scanning is only effective if your equipment’s software is up to date, including the operating system.
- I make sure that both scans are scheduled daily.
- I have scans scheduled for roughly once per week.
- My antivirus and malware are set to manual. I run scans when I remember to.
- I don’t run scans, as far as I know. I figure the software will do the job.
By subscribing here you consent to receiving marketing from Smarter Business™ separate to any preferences you may have with Telstra. You will continue to receive marketing communications from Smarter Business™ unless you unsubscribe. You may continue to receive marketing communications from Telstra until you unsubscribe using the contact information in our privacy statement.
By submitting this form you are consenting to Smarter Business™, Telstra or a third party contacting you, including by telephone, about products offered through Telstra. Your name and other details provided will be collected, stored and may be used for online targeted advertising by Smarter Business™ and Telstra in accordance with our privacy statement.