The ways small businesses can protect themselves from hackers

In recent years, giant corporations such as eBay, British Airways and Linkedin have fallen victim to hackers accessing their data. That such huge companies can be on the receiving end of data breaches, despite their astronomical IT budgets, shows that without the right protection, no company is safe.

So, what does this mean for smaller businesses?

Well, for starters, it means you need to be aware of the dangers. Especially as there has been an increase in the number of hacker attacks on small businesses every year since 2013.

So, is it even possible for SMEs to protect data from outside forces? Well, although sometimes hackers may have IT capabilities or technology that is genuinely ‘ahead of the curve’, most data security breaches are the result of poor planning or a lack of security knowledge in-house.

This guide explains why small businesses need to start thinking about their data security policies and, more importantly, how they can ensure that they are well protected from hackers.

Why do small businesses even need to think about data security?

If you are a victim of a data breach, the damage to your company’s reputation can be hard to recover from. If it becomes public knowledge that your company has been careless with credit card details or addresses, will people be willing to come back to purchase from you? You are also putting your business or customers at risk of theft, both in the cyber world and their homes too.

All businesses, regardless of size, are legally obliged to ensure the protection of their data – because it is the law.

Where data protection is concerned, any business that keeps information on staff or customers including customers’ addresses, staff working hours, or even CCTV footage, need to adhere to the Data Protection Act.

If you do not, you could face heavy penalties or fines. These heavy fines or penalties could occur if companies have been hacked, yet have neglected to take the necessary precautions recommended by the Information Commissioner’s Office (ICO).

To understand your obligations under the Data Protection Act, make sure you read ByteStart’s Guide to Data protection for small businesses and start-ups.

What actions can small businesses practically take?

To protect against hackers, a small business should adopt a safety-first approach. Prevention is the best form of attack, so make sure you;

  • Only collect data that you can protect from malicious sources
  • Ensure that the data you do keep can be stored safely. All private details you collect must be under digital lock and key and not liable to theft
  • Stay aware of potential attack on the date your business has on customers and employees.

The techniques hackers use to target small businesses

Some methods favoured by hackers trying to breach small businesses, include;


This method sees a harmful piece of software, usually sent via email, encrypt all of the data the SME houses on its network. With exclusive access to all the business files, the hacker will then be in a position to request a ransom in return for a decryption key.

CEO fraud

By either hacking or spoofing a senior figure in the business, the perpetrator then requests payment or sensitive data from someone in the firm with access.

Denial of service attack

A small business’s website will be attacked by an inordinate amount of data pushed purposefully onto a server in order to overwhelm it.

Hack attack

A hacker gains access to the business’s data by finding a vulnerable, unprotected patch in its digital defences. Hackers tend to look for and extract data on customers’ card details or addresses.

Human error

A large proportion of data breaches occur due to human error, such as information being lost or distributed to the wrong person.

How do you put your business data under digital lock and key?

According to Cyber Streetwise, a cross-government initiative run by the Home Office, the three most important things a business needs to do in order to prevent data breaches are to;

  • Use strong passwords
  • Install security software and
  • Ensure you always install your security software’s updates.

By adopting these three basic rules and the additional tips we have added below, you can go a long way to ensure your business, its future and your data are all safe and sound.

Other tips to reduce the likelihood of your data being accessed by hackers include;

  • Signing up to become a certified member of Cyber Streetwise – doing so shows that your business has taken necessary steps to stay protected, and you can even get a badge to display on your website so customers know their data is safe with you.
  • Making staff aware of threats – train staff to be aware of potential threats, including bogus emails and suspicious information requests.
  • Creating a data specialist role – ensure that somebody in your business is responsible for periodically reviewing and managing the company’s data protection policies and reporting back to senior management.
  • Encrypting data – make sure you use data encryption tools, which ensure that even if a hacker does get into your network, the data they receive is unreadable.

What should you do now?

Act straight away. As mentioned, data crime, especially against smaller businesses, is on the rise.

Many businesses understand the need to protect themselves, but you really do need to act before it’s too late. Don’t make the same mistake as other victims of data fraud; follow the advice in this guide and keep your business safe today.

About the author

This article has been written for ByteStart by Paul Stevens, Technical Service Manager at Renjo, an experienced online retailer with a focus on innovation and giving business customers access to a wide range of market-leading products at competitive prices.

More from ByteStart

ByteStart is packed with help and tips on all aspects of running a small business. Check out some of our most popular guides;

Funding your business

Tax & Accounting

Promoting your business

Legal issues

Bytestart Limited

Comments are closed.