Get in the know about cyber security and data protection
Reduce the risk of unauthorised access to the data you store on your devices and online with our guide to cyber security
Cyber security is crucial to reduce the risk of becoming the victim of a cyber attack, protecting devices such as smartphones, laptops, tablets and computers but also information stored online. And whether you run your interior design practice solo, or have a small or medium-sized, or larger practice, if you don’t have dedicated staff to manage cyber security, it’s an area that it’s vital to know about, and to keep up with.
Be aware that, unfortunately, even when you take all the correct steps, protection from cyber attack isn’t guaranteed. However, following the right procedures does significantly lessen the chances of experiencing cyber crime.
These are the steps recommended by the National Cyber Security Centre, the government body which provides advice, guidance and support on cyber security for the most critical organisations in the UK, the wider public sector, industry, SMEs and the general public.
Back up data
All important data should be backed up regularly in case of an incident such as fire or flood, but also to avoid blackmail in a ransomware attack. The NCSC recommends keeping this in a separate location, and considering cloud storage. Take a look at its cloud storage guidance which can help in evaluating potential providers.
Protect your practice from malware
It is vital to use antivirus software to protect your interior design practice from malware. Also important is that you and your staff do not download third party apps from unknown vendors or sources, the NCSC advises.
Be mindful to keep both the software and firmware for smart phones, tablets, laptops and PCs up to date. The NCSC recommends opting for automatic updates for operating systems, programs, phones and apps. And if a device is no longer supported and updates aren’t available, replacement is recommended.
It’s also crucial to lessen the opportunity for individuals to introduce malware via USB or memory cards. The NCSC advises transfer of files by email or cloud storage as an alternative; blocking access to ports for most users; and using antivirus tools.
To protect against malware, it is also important to make sure the firewall of your operating system is switched on.
Pay attention to smartphones and tablets
Make sure smartphones and tablets are password protected with complex PINs or passwords. The NCSC also advises that tablets and phones should be set up so they can be tracked and locked, data erased remotely, and a backup of data stored there retrieved in the event of theft or loss.
Apps on these devices should also be kept up to date, and public wi-fi hotspots avoided.
Protect data with passwords
As well as protecting smartphones and tablets with passwords, the NCSC advises that laptops and PCs all use an encryption product. It also recommends the use of 2-step verification for any accounts where it’s offered as an option.
If you’re an employer, it’s important to provide staff with information on setting passwords. Be aware, too, that your IT system should not require staff to share accounts or passwords.
Look out, too, for default passwords issued with devices. The NCSC says these should be changed before you pass on devices to staff.
Beware phishing attacks
Phishing attacks involve fake emails designed to elicit information such as bank details, or encourage linking to bad websites and more. The NCSC says that all businesses are bound to receive these, and while you and your staff should be aware of the signs that reveal the email isn’t genuine, there are other steps you should take to protect your interior design practice.
These include giving staff the lowest level of user rights required for their job to limit potential damage from phishing attacks, and ensuring they don’t browse the web or check emails from an account with administrator privileges.
The avoiding phishing attacks advice gives details on how to check for obvious attempts at phishing, operational procedures your practice should adopt, and advise awareness of the information both the business and individuals are making public via social media and websites because this can be used to make phishing attacks look convincing.
Consider the cyber essentials scheme
To provide current and potential clients with reassurance of your commitment to cyber security, you might want to take a look at the government-backed cyber essentials scheme through which a business can seek to be certified.
Take action and stay up to date
Cyber attacks are, unfortunately, a feature of modern life and individuals and businesses are vulnerable to this type of crime. However, by taking action you can afford maximum safety for your practice, protecting your data and that of clients. Make use of the NCSC guides, which offer advice suitable for sole traders, small and medium sized organisations, and large organisations to allow you to optimise cyber security and protect data.
In the event that you do need to report cyber crime, go to the Action Fraud site.
Review the year gone and take a sneak peek into the year ahead for CPD at the BIID
Enjoy our gallery of the BIID celebration at Jab International Furnishings Ltd
Arts University Plymouth wins the BIID Student Design Challenge 2024.
BIID has welcomed a range of new members and Industry Partners over the last three months
Katherine Elworthy reflects on 15 years Chief Operating Officer of the BIID
The BIID are delighted to welcome GP & J Baker as Platinum Partner