Keep online business activity safe and secure

The online world offers many opportunities for businesses—the potential for reaching a broader customer base, using international suppliers and sometimes even saving on admin or supplying costs.

However, the world of online business can bring the potential for scams and security risks.

Information security in your business

Your business holds a lot of sensitive data and information that cyber criminals would love to access. Think about the information that you store online, and what it would mean if that information was lost or stolen. This could include:

  • customer records and personal information
  • financial records
  • business plans
  • new business ideas
  • marketing plans
  • intellectual property
  • patent applications.

Security risks online

If your computer accesses the internet, then it may be vulnerable to various security issues, such as:

These issues can be a problem both in terms of your computer's usability – which can impact on your business operations – and for your customers, as their information could be at risk. Ensuring your business is using effective online security practices can reduce the chance of this happening to you.

If your business uses computer equipment, operates online or even if you just use email to conduct business, you should make sure you and your staff use the internet in a safe and secure way.

Keeping your business information secure

Below are some simple steps that your business can take to protect your personal and financial information online. Following these steps will help ensure you build and maintain customer trust and confidence in your business. To keep your business and customer information private and secure, here are some key areas you can focus on:

  • Business website - use a strong administration password and limit staff access to those who need to use it for their work.
  • Domain name and domain name server - use a restricted or private email account for your domain name registration and keep the registration details up-to-date.
  • Communication tools - ensure your communication tools (e.g. emails, text messaging, instant messaging) are encrypted. This means that the information is converted into a secret code before being sent over the internet. Prevent hoax emails and malicious software by installing security software and educating staff about safe email use, e.g. not clicking on links from an unknown sender.
  • Privacy - store, protect and destroy every piece of information you collect from a client, including name, address, email address, telephone number, personal opinions or credit card details, in a way that adheres to the Privacy Act 1988.
  • Mobile devices - protect the information on your mobile devices as they can be lost or stolen. This can be done through strong passwords, data encryption, and using the latest mobile security software, web browsers, and operating systems.
  • Servers and desktop - install security software on your business computers and ensure it includes anti-virus, anti-spyware, firewall and anti-spam filters. Servers also require a firewall, regular updates and anti-virus software. Monitor your server reports, such as security logs, for any changes or irregular patterns. Make sure you keep your software up-to-date with the latest software updates and security patches.
  • Spam filters - use spam filters to reduce the amount of spam and phishing emails that your business receives. Applying a spam filter will help to minimise the chance that you or your employees will unknowingly open a phishing or fraudulent email.
  • Back-up data regularly - backing up your data may ensure that none of it is lost in the event of a hosting failure - such as getting a virus, being hacked, or computer hardware problems. There are several ways to back up your data, such as external hard storage, cloud computing, saving your data on USBs, CDs or a local server.
  • Secure online transactions - Provide a secure way for your customers to complete transactions. Provide a secure online environment for transactions and ensure you secure any personal information that your business may store. Talk to your payment gateway provider about what they can do to prevent online payment fraud.
  • Policies and procedures - have some policies and procedures in place that outline what is acceptable for your employees when accessing and using IT, email and internet in your business. Make sure your employees are aware of these policies when collecting, storing and accessing data, and that they review them regularly. This could also involve training your employees on the correct procedures in collecting, storing and accessing data.
  • Regular staff training - training your staff about online safety is important, but they also need to be aware of their computer rights and responsibilities as well as network access usage. Training staff on maintaining good passwords, being aware of fraudulent emails, and keeping an eye out for and reporting suspicious online activity will help ensure good IT security practices. Develop clear policies for staff around computer use and have these policies readily available to staff during their induction training. You may also consider refresher training in these policies to ensure all employees are aware of the IT security policies in your business.

Remember, the online security measures you take today can not only help protect your business and your customers from existing threats, but also from future threats.

Keep yourself informed about the latest cyber security risks

Online transaction issues and payment fraud can be a real concern for businesses trading online. It's important to stay informed about the latest scams and security risks. Subscribe to the Stay Smart Online Alert Service to receive up-to-date information on cyber security issues and solutions.
