12 Zero Cost Cyber Security Steps for Small Business

Improving cyber security in your business is not just about spending money. Here are 12 practical steps you can take that do not cost anything other than your time:

  1. Disable Adobe Flash to run automatically in a browser and only run when you say so. See our guide to Adobe Flash
  2. Remove Oracle Java from any machines that do not need it (see www.java.com)
  3. Remove Microsoft Silverlight from any machines that do not need it
  4. Run all users as standard users rather than as administrators in Windows
  5. Scan computers with an online scanner at least once a month from a different antivirus company than the one you have installed (for example Eset, Kaspersky, Sophos, Trend Micro)
  6. Educate your staff about the worst passwords of 2017 and not to use their year of birth as a phone PIN
  7. Encourage staff to use personal devices for personal internet use
  8. Block any email attachment that has executable content or the attachment's file extension matches .js or .lnk or .mht or .url or .wsf (for more info see Office365 tips)
  9. Make sure that you are using legitimate up to date software, keygen utilities often contain malware
  10. Install Cybereason's RansomFree https://ransomfree.cybereason.com/ if you use Windows to block ransomware
  11. Consider changing your DNS settings to Quad9 ( if you do not already filter DNS
  12. Show all File Name Extensions so you can spot program files posing as documents like SOMETHING.DOC.EXE or SOMETHING.PDF.EXE as the last dot and 3-4 characters would normally be hidden on Microsoft Windows machines

For more details and information about the above steps see the latest version our Internet Security Fundamentals eBook.