<img alt="" src="https://secure.hear8crew.com/200390.png" style="display:none;">
CMI Blog

5 Cyber Security Essentials for Every Modern Business


AdobeStock_207371242-1Cyber security has always been smart. But in 2020, it’s more important than ever. Let’s assume that you’re covering the basics. Top of the cyber security essentials list is having an antivirus. Make sure you’re regularly updating both that and the rest of your software. Beyond that, there are various other cyber security essentials to be aware of. Here are the top five.

1. Draw up a formal cyber security policy


This will be a document outlining everything your business should know about its cyber security. Think of it as a cyber security essentials manual. Whilst these points can vary, generally speaking, it should always outline: 

  • what the threats are 
  • what needs to be protected 
  • how they should be protected. 

Within those can fall several different policies and best practices. There could be password policies governing how to store and update them. If a business handles sensitive data, then there could be a whole section outlining how to handle that. And any sensible business should outline their plans in the event of an incident.

2. Give users as little security access as possible

If a cyber-criminal gains access to an employee’s system, the less access said employee has been granted, the less a cybercriminal will have access to. This means less scope for damage. Give employees access on a need to know basis. Only let a junior staff member access the bare minimum needed to do their job. Even a CEO’s digital freedom within the company systems should be kept to the bare necessities.

3. Backup and Recovery


Forget cyber security essentials, you should be backing up your data anyway. It’s just good practice. Nobody wants to lose even a day’s work in the event of a disaster. You’ll want to do more than just save your data somewhere. Time is money, so to minimise downtime, a complete backup and disaster recovery plan solution should be outlined. This consists of backing up data to a remote location, determining a temporary work location, and outlining a process for quickly restoring the data. Sometimes, despite adhering to all cyber security essentials, malware can infect a system. But with a good backup solution in place, an IT team can just wipe hard drives clean and restore from backup. 

4. Formalise a secure remote work policy

Many business’s cyber security diminished practically overnight thanks to the world flipping to remote work. Family laptops and WiFi in most people’s homes is usually far less secure than a business’s and lacking many cyber security essentials. Every phishing scammer knows this. Clearly outlining a work from home security policy, a BYOD (bring your own device) policy, and encouraging the use of VPNs can help keep the hackers at bay.

5. Employee awareness training

Remote working

Some may consider this the most important of the above cyber security essentials. You can install firewalls, limit access, and draw up all the policies you like. But all an untrained employee needs to do is click on a phishing email and malware will wreak havoc on your systems in a flash. Your employees are your business’s first line of defence. They’re a human firewall. And to make them as effective as possible, they must be trained accordingly. This means education about phishing attacks. How to stay safe when remote working, and much more. Plus, depending on your industry vertical, it often it’s a legal requirement. 

Forgetting any cyber security essentials is not a risk worth taking. Most businesses who are still operational right now might not be so lucky in the event of a cyber-attack. Working with experienced cyber security professionals is the only way to adequately protect your business from online criminals. 


Click here to talk to a cyber security expert today about cyber security essentials and how best to protect your business. 


Topics: cyber security

Graham Stead

Written by Graham Stead

Graham Stead is Client Relationship Director at CMI Limited, and has worked in the IT industry for over 30 years. Starting his IT career as an engineer for Hewlett-Packard, Graham later started his own business which he sold to CMI in 2016. As Client Relationship Director, Graham is responsible at CMI for ensuring our clients receive expert commercial IT advice that a modern business demands.

Know someone who
would benefit from CMI?