- Implement a combination of security protection solutions (anti-virus, anti-spam, firewalls).
- Carry out regular security updates on all software and devices.
- Implement a resilient password policy (min eight characters, change regularly).
- Secure your wireless network.
- Implement clear and concise procedures for email, internet and mobile devices.
- Train staff in good security practices and consider employee background checks.
- Implement and test backup plans, information disposal and disaster recovery procedures.
- Carry out regular security risk assessments to identify important information and systems.
- Carry out regular security testing on the business website.
- Check provider credentials and contracts when using cloud services.
Read the full report here - http://www.fsb.org.uk/frontpage/assets/fsb_cyber_security_and%20_fraud_paper_2013.pdf