Our Quick-wins for SMEs and contractors

Below you'll find a list of 6 quick and easy-to-implement tips for guaranteeing essential levels of security for your data and IT equipment.

These tips are aimed primarily at small and medium-sized organizations and entrepreneurs who do not necessarily have advanced technical skills, and who are looking for concrete, practical and actionable recommendations to quickly and easily increase their organization's cybersecurity and confidently ensure business continuity.

If your company or organization has an IT department or a contract with an IT service provider, we advise you to discuss your basic protection measures together.

    Back up your data

    Making a backup means making a digital copy of your most important information. It's a precautionary measure designed to keep your data accessible if something happens to your computer or server. Backing up your data can be done on an external hard drive or on a Cloud hosting platform.

  • Why is this important?

    It's very important to back up your data regularly, because if your server or computer is damaged, lost or infected, all your information could be lost for good. Having a backup means you can restore your files and recover your information. The more recent the last backup, the less information you will lose, so remember to back up your important information as regularly as possible. To avoid an unpleasant surprise when you need it most, we strongly advise you to test your backups regularly by trying to restore and open a few files. Finally, we recommend that you always keep a backup in a safe place away from your office, so that in the event of burglary, fire or flood you can be sure of having a reliable copy available.

     

  • How do you do it?

    To back up your data, simply follow one of the step-by-step guides written by the support teams for your operating system, Microsoft Windows or Apple Mac:

    Backup and restore in Windows

    Backing up or restoring data on your Android device

    Backing up and restoring data on Windows Server

    Backing up your Mac data

    Backing up iPhone

    Use anti-virus software

    A computer virus is malicious software that can disrupt the operation of an infected computer to varying degrees of severity. An antivirus is software designed to identify, neutralise and eliminate such malicious software, thereby ensuring that your computer functions properly.

  • Why is this important?

    Anti-virus software is essential for protecting your computer and data against viruses. Although no antivirus software can guarantee 100% protection, it is essential to install one. Unfortunately, new viruses are being developed all the time. So you need to install the latest updates for your antivirus software at all times. For most antivirus software, you can request automatic updates and set the program to run regularly.

  • How do you do it?

    If you haven't already installed an antivirus, choose one from the list of reliable antiviruses on the website of the neutral AV Test institute. You can also ask your Internet provider or bank to recommend reliable anti-virus software.

    All you need to do is install the right antivirus software:

    The best Windows anti-virus software for businesses

    The best anti-virus software on MacOS for businesses

    We also advise you to compare free and paid antivirus software. Under no circumstances should you rely on the price of the antivirus. More expensive does not necessarily mean better performance. Most free antivirus software is very good. However, always check what's included in a free or cheaper version: features, type of support, frequency of advertising, etc. If you do opt for a more expensive version, make sure you calculate the total price for a given period. Check whether you have to pay extra for updates or support.

    Once your antivirus software has been installed, run a full scan of your computer. If it detects a virus, it will guide you through the virus removal process. Carefully review the results to ensure that all viruses have been removed.

    Next, go to your antivirus software's update options and enable automatic software updates. This will allow your software to adapt and continue to detect new viruses that could threaten you.

    Finally, in the event of an alert from your antivirus software, notify your IT department or, failing that, your colleagues and associates to prevent the virus from spreading.

    Protect your accounts with MFA

    An account, or user account, refers to all the information or resources allocated to a person or a device such as a computer or a telephone. To use an account and make use of its information, you need to register with a system using an identifier (a user name or email address) and a password.

  • Why is this important?

    Your most important information is (or should be!) protected by passwords. Protecting your accounts and passwords means protecting your information. By applying the right protection measures you ensure that your information is only accessible to authorised people and you greatly minimise the risk of loss, leakage or corruption of data essential to your business.

  • How do you do it?

    Never share your passwords. Don't stick a note with the password on your screen or next to your computer. Saving your passwords in an e-mail or in a document on your computer or smartphone is not secure. A hacker who has access to your device can easily find this document in your files. If you want to share an account with a colleague, use a password safe.

    Use long passwords. A secure password is a long password of at least 13 characters. Using numbers, capital letters and symbols will make your password harder to remember. If you find a long password difficult to remember, you can create a sentence as your password. Choose a sentence that is meaningful only to you and includes foreign words, numbers and special characters.

    Use different passwords. If you use the same password everywhere, you risk losing access to all your accounts if your password is compromised.

    Store your passwords in a password manager. A password vault is software where you can safely store all your accounts and passwords. You can also choose to create randomly generated secure passwords or securely share a password with a colleague.

    Some password managers:

    Bitwarden

    Keeper

    Dashlane

    KeePassXC

    Keepass

    Lastpass

    LogMeOnce

    Myki

    1Password

    Most password managers offer a paid and a free version. Both these versions are equally secure. With the paid version, you have extra features or functions that are different for each password manager, e.g. 1G storage space, technical support, no limit on the number of passwords etc.

    Testaankoop carried out a comparative test of paid and free password vaults.

    Use two-factor authentication. Two-factor authentication (or '2FA') means adding an extra check (a second factor) alongside your password to protect your accounts. This could be a verification code sent via SMS or email, your fingerprint on your phone or a validation in an application. It is a simple, secure solution that makes your accounts and your most important data significantly better protected.

    Enable two-factor authentication on your accounts:

    Microsoft

    Apple

    Google

    Some authentication applications:

    Itsme

    Google Authenticator

    Microsoft Authenticator

    Authy

     

    Use firewall software

    A firewall is software (or hardware) that protects your computer network, i.e. the computers and equipment you have linked together to exchange information. The purpose of a firewall is to filter and, if necessary, block unwanted access to your computers and resources.

  • Why is this important?

    Installing and configuring firewall software allows you to control the flow of information between your computer and the Internet. By defining filtering rules, either by default when you install it or by adding your own, you can authorise or deny external access to your computer, thereby preventing information theft and other types of intrusion. A firewall protects your data, your personal information and guarantees your peace of mind when using your computer on the Internet.

  • How do you do it?

    Activate default firewalls on your computer:

    Enable the default firewall on Windows

    Enabling the default firewall on macOS

    If you are unsure whether to install or configure firewall software, we recommend that you contact your ICT service or IT service provider to determine together which firewall solution best suits your context and needs.

    Be vigilant

    Being vigilant means learning to recognise attempts to defraud or hack online using fake e-mails, websites or messages, known as phishing. Cybercriminals always try to exploit the credulity, trust or fear of their potential victims. Staying vigilant enables you to identify fake messages and thwart phishing attempts.

  • Why is this important?

    It is important to remain vigilant against scams and phishing attempts, because opening an attachment, clicking on a link or sharing your password in response to a malicious message can give a cybercriminal access to your systems. They could then, among other things, deploy malicious software that would damage your programmes, degrade your computer's performance, delete or block your files, or even try to extort money from you. By teaching your staff how to thwart these attempts, your organisation can guarantee the security and integrity of your data and the continuity of your business.

  • How do you do it?

    Always start by asking yourself certain questions when an email or phone call seems suspicious:

    • Is it unexpected?
    • Is it urgent?
    • Do you know the sender?
    • Does the question being asked seem strange?
    • Where does the link you are being urged to click lead?
    • Is the message addressed directly to you?
    • Does the message contain many spelling or grammatical errors?
    • Is the message in your Spam/Junk/undesirable folder?
    • Is someone trying to arouse your curiosity?
    • Are you being asked to make a payment?

    If in doubt, it's best to err on the side of caution: don't open the links or attachments and try to contact the sender in another way (by calling the sender if you know them, or by using a browser to visit the organisation's website to check the message's veracity).

    If you receive a false message:

    • Forward the message to suspect@safeonweb.be
    • Do not click on the link. Search for the site using a search engine.
    • Do not forward the link to your contacts.
    • Do not fill in your personal details.
    • You can also send it to the organisation concerned.

     

    Do not hesitate to share Safeonweb campaigns.

The aim of this content is to share and raise awareness of good cyber security practice. 
Some of this advice may apply differently depending on the context of your organisation.
Always comply with the policy and instructions in force in your organisation.
If in doubt, always ask your IT manager for advice first.

Disclaimer

The Center for Cybersecurity Belgium (CCB) has selected a number of products currently on the market based on objective criteria.

However, the CCB accepts no liability for any direct or indirect damage resulting from the download or use of these programs. Users are advised to download the programs from the developers' official websites.

Furthermore, the CCB cannot be held liable to users or third parties for any direct or indirect damage resulting from any errors in the updates or from the collection or interpretation of the information they provide.

The CCB cannot be held responsible for any temporary interruption or malfunction of the user's system.