Expert insight: Five tips to protect your business from hackers

British Airways hit the headlines earlier this month when it was revealed that it was facing a £800m lawsuit for a 2018 data breach, but every travel company large and small is vulnerable to hackers and a potentially crippling legal bill.

One small business is hacked successfully every 19 seconds in the UK, according to data protection experts, who have also found that 90% of them are unprepared for a GDPR breach.

So, what’s the best way to make sure your company doesn’t fall victim? TravelMole asked Elik Dermer, CEO and founder of business tool comparison site Comparisun, to share his top tips to avoiding data breaches and heavy fines:

1. Update your software
Ignoring signs for a software update can leave you vulnerable to an attack. Software updates usually contain security upgrades which will defend your business from any future threats. Make sure any updates are installed regularly on your device to keep your information secure and protected. However, be wary of any suspicious activity – make sure the software update is from a trusted source.

Top tip: If you’re using a Macbook or Apple device, you can check for updates by clicking on System Preferences.

2. Engage your employees
Many attacks are the result of human error. Opening spam emails, emailing sensitive data to the wrong person, and accidentally downloading dangerous software are the most common mistakes employees can make within a business that can lead to cyber-attacks. Make sure you implement a data protection policy internally, highlighting what is expected of your employees.

Top tip: Build this into your induction period – make sure your new employees understand you take data breaches seriously and what to do if they suspect an attack.

3. Don’t use obvious passwords
Never use obvious words as a password choice. "Password" and "123456" are some of the most common password choices that usually lead to hacking. Avoid using your company name in your password too. Make sure you are using a combination of lowercase and uppercase letters, numbers and symbols.

Top tip: Make sure you’re changing your password every 60 days, to keep your data secure.

4. Backup your systems
One of the most common mistakes businesses make is not backing up data correctly. If a cyber-attack targeted your company, files can be deleted. If these files contain important information – or even sensitive information – it can be detrimental to your business and reputation.

Top tip: Make sure you regularly back up your systems externally, off-site. This will cover you if you were targeted.

5. Have a response plan ready
An attack on your business is never certain but is extremely possible. What you should think about, is how you’re going to respond to a threat, were it to happen. If you’re too slow to respond to an attack, it could be more damaging to your company, profit and reputation. Make sure you have reliable legal and public relations advice on hand, to help you in response immediately.

Top tip: Implementing a cyber insurance policy can also cover legal costs and compensation.