There’s no doubt about it: cybercrime is here to stay.

Ransomware, phishing, ‘CEO fraud’ and data theft: these were once thought of as things that affected only very large companies or A-list celebrities. But now it seems that almost every day there is a report of a new cyber-attack that can affect individuals and small businesses, as well as large organizations.

Anti-virus and anti-malware software is always worth having. But most hackers get into IT systems through vulnerabilities created by human error. If you and your staff follow these simple do’s and don’ts, you will be able to protect your small business systems against the vast majority of cyber-attacks.

The 7 Do’s and Don’ts of Protecting Your Business from Cybercrime

Do

 1. Install The Latest Software and App Updates Promptly

Software and app updates contain vital security updates that help protect your devices from hackers and other cybercriminals.

2. Make Sure All Members of Staff Have Separate Logins

This is important for privacy as well as security. You don’t want all staff to be able to snoop on HR or salary records!

And remember to delete email addresses immediately for people who have left the business, including temps and interns.

 3. Generate Strong Passwords

Use unique and very strong passwords for your business network, your bank, and any other websites or apps that connect with your financial or other confidential data.

The latest advice is to use three words that mean something to you but are not connected in any obvious way – plus numbers or special characters for extra strength.

4. Delete All Old VPN or Virtual Workstation Connections

These connections are an easy way into the system for hackers, especially if the passwords are weak.

[RELATED: 6 Essential Security Tips For Your Online Business]

Don’t

1. Click On a Link in an Email or Text, or in a Website You Don’t Trust

Phishing attacks are where a cybercriminal will trick you into revealing your password or other sensitive information by sending you a fake email apparently from a reputable source. Clicking on the link in the email can let a virus into the system or record your bank password.

Once it was easy to spot a fake email. Now, though, cybercriminals are getting more sophisticated. Unless you are expecting it and know exactly what it is, it is best to check if an email is genuine by going to the sender’s website. Type the address in yourself – no copying and pasting. You can then check your account details using your own login details.

2. Set Shared Email Accounts With Easy-to-Remember Passwords

It’s tempting to do this for offices that have a lot of email traffic, such as customer services. But easy-to-remember passwords are also usually easy to guess.

3. Keep Your Data All in One Place

By all means, keep most of your business data in the cloud, but why not keep your personnel records, for example, somewhere else?  Even if you do get hacked, if you spread your data around the cyber-criminals can’t get to all of it.