North East Digital Skills

Cyber Security Checklist for Small Businesses

1. Use Strong and Unique Passwords

Weak or reused passwords are one of the most common causes of security breaches.

What to do

  • Use long passwords (12+ characters)
  • Avoid using the same password on multiple accounts
  • Use a password manager such as Bitwarden or KeePass to store passwords securely.

2. Check If Your Email Has Been Breached

Data breaches happen regularly and can expose business email accounts.

What to do

  • Check company email addresses using Have I Been Pwned
  • If an email appears in a breach, change the password immediately.

3. Enable Two-Factor Authentication

Two-factor authentication adds an extra layer of protection to accounts.

What to do

  • Enable two-factor authentication on email accounts
  • Enable it on cloud services and business systems whenever possible.

4. Keep Software and Devices Updated

Outdated software can contain security vulnerabilities that attackers exploit.

What to do

  • Install updates for operating systems
  • Update browsers and applications regularly
  • Ensure antivirus software is up to date.

5. Be Careful With Email Links and Attachments

Phishing emails are one of the most common cyber attacks against businesses.

What to do

  • Do not click on suspicious links
  • Do not open unexpected attachments
  • Check suspicious files or links using VirusTotal before opening them.

6. Train Staff to Recognise Cyber Threats

Human error is one of the biggest cyber security risks.

What to do

  • Teach staff how to recognise phishing emails
  • Encourage employees to report suspicious messages
  • Use security awareness resources such as those from KnowBe4.

7. Check Suspicious Websites

Fake websites are often used in phishing attacks.

What to do

  • Avoid entering login details on unknown websites
  • Check suspicious sites using ScamAdvisory before interacting with them.

8. Share Passwords Securely

Sending passwords through email or messaging apps can be risky.

What to do

  • Use secure sharing tools such as One-Time Secret
  • Avoid sending passwords in plain text messages.

9. Scan Computers for Malware

Malware can steal data, monitor activity, or damage systems.

What to do

  • Run malware scans regularly
  • Use tools such as Malwarebytes if you suspect an infection.

10. Back Up Important Business Data

Ransomware attacks often target businesses that do not have backups.

What to do

  • Back up critical files regularly
  • Store backups in a secure location
  • Test backups to ensure they can be restored.

Cyber Security Is an Ongoing Process

Cyber security is not something you set up once and forget. Regular reviews, staff awareness, and good security habits are essential for protecting your business.

Need Help Improving Your Cyber Security?

North East Digital Skills works with organisations to improve cyber security awareness and digital safety.

If your business would like guidance on improving security practices, feel free to get in touch to discuss training or support.