Safer Internet Day will be on 9 February 2021 and will be celebrated with the theme:
'An internet we trust: exploring reliability in the online world'
Safer Internet Day 2021 will explore how to separate fact from fiction online. In addition, Safer Internet Day will be celebrated globally with the slogan: 'Together for a better internet'.
This blog post covers:
- Be alert to scams related to the pandemic
- Some facts and figures
- The importance of password protection
- Making your social media accounts secure
- Protecting your systems
- Backing up your data
- Fending off phishing attacks
- Securing mobile devices
- GDPR – staying legal
- The importance of staff training
- Security audits
- Insuring against cyberattacks
Fraudsters and scammers will be trying to take advantage of those who are anxiously waiting for financial support to come through. Be very wary if anyone contacts you via phone, email, post or text claiming to be from the government, HMRC or any other body such as a local council or bank. In addition, fraudsters have been registering websites with names such as 'Coronavirus Compensation Ltd' - make sure you use only the official gov.uk website.
The government has published guidelines to help you avoid scammers and fraudsters during the coronavirus crisis. Do take the time to read it. It explains what correspondence you can expect to receive and how to tell if an email or text is fraudulent.
Some salon and barbershop owners assume they’re too small to be targeted by cybercriminals, but hackers often see small businesses as an easy target. That’s why it’s vital to remain vigilant and protect your business against financial and reputational damage.
A cyberattack will damage, destroy or breach your salon/barbershop computer system. Some hackers do this for fun, others ask for a ransom to put things right or will use personal data, such as customer details, to commit fraud for financial gain.
An NHBF survey found that over half of Members surveyed (56%) had been targeted by cybercriminals, and the vast majority of those had suffered financial loss.
In addition, government figures for 2019 found that:
• About a third (32%) of businesses reported cybersecurity breaches or attacks in the past 12 months.
• The most common breaches or attacks (80%) were via fraudulent emails - for example, attempting to coax staff into revealing passwords or financial information, or opening dangerous attachments.
• Other common breaches included cybercriminals impersonating the organisation online, or infecting computer systems with malware and viruses.
Take password protection seriously in your salon or barbershop. Make sure all your devices are password/PIN/fingerprint protected.
Always use two-step authentication where this is offered – for example, banks and social media accounts will often give you this option. This provides an extra layer of security by requiring both a password and a code sent to your mobile phone before you can login.
Avoid passwords that can be easily guessed and have a separate password for each of your accounts. For example, have different passwords for your email account, client details account, staff details account, bank account and any other business-related accounts you have. It’s tempting to have the same password for everything – but this is very bad practice because if a hacker gets hold of it they’ll have access to all your business information.
Passwords do not have to be changed on a regular basis – only if you suspect your systems have been hacked in any way. Always change the default password that comes with new devices.
Make sure passwords are stored securely and only share passwords with staff members who need to know them.
The NHBF offers a free guide to choosing salon software packages.
Have a separate password for each of your social media accounts and make sure they are not the same as any you have for your business accounts.
Beware of fake social media websites that may look very much like the original. Always make doubly sure the site is genuine before entering any of your login details.
To make your social media accounts extra secure, use two-step authentication.
Members can download this marketing guide which is packed with expert advice.
Use anti-virus software on all your devices and always obey prompts to instal updates. Make sure your firewall is switched on to help block any unauthorised access to your systems and strictly control the use of hardware such as memory sticks.
Make a backup of all the electronic data you hold on a regular basis. This will protect you against loss of data as the result of a cyberattack, but also in case of damage caused by fire or flooding.
Find out how to plan for ‘business as usual’ when faced with disruption caused by natural disasters, fire, theft or power cuts.
Ensure your backup files are not permanently connected to your main computer system, either physically or via a local network. Consider backing up to the cloud.
Phishing attacks are fake emails that ask for banking details and provide links to scam websites. Always look out for signs of fake emails such as poor spelling, poorly reproduced logos and suspicious email addresses. Emails addressed to ‘friend’, ‘colleague’ or ‘valued customer’ can be signs of phishing, along with warnings that you need to ‘act urgently’ or ‘within 24 hours’ which are also scammer tricks.
Make sure your staff understand that they must not follow links to websites from emails sent to your business accounts. However, if a member of staff is caught out don’t be critical as this may discourage your employees from reporting suspicious activity on your accounts.
Carry out a virus scan and change passwords if you suspect a phishing attack has taken place.
Don’t forget to protect any mobile devices used for your salon or barbershop business. Make sure they’re pin, password or fingerprint protected and configure devices so they can be locked or tracked if stolen.
Keep your devices and apps up to date. Use the ‘automatic update’ option if possible and don’t use old devices that are no longer supported by manufacturer’s updates.
Don’t use public Wi-Fi hotspots when handling sensitive data as they are not secure enough and you may put your data at risk. It’s safer to use a 3G or 4G hotspot instead.
Always keep track of all the mobile devices that are used in connection with your salon or barbershop business so you know where they are and who is using them. It’s a good idea to strictly limit the number of people allowed to take them off-site as this reduces the possibility of losing devices or having them stolen.
Salons and barbershops hold data on clients and employees which is very valuable to cybercriminals. Remember that GDPR imposes much stricter requirements than the old Data Protection Act and you must make sure that any data you hold is secure and protected.
You would have to report serious data breaches to the Information Commissioner’s Office (ICO) and the individuals affected – whether your staff or clients - would also have to be told.
GDPR means you must ensure your data is securely password-protected. Download our detailed Members-only guide to GDPR.
Not yet a Member? Join us now for less than 80p a day to access this user-friendly in-depth guide and make sure you are complying with GDPR.
NHBF Members can call our friendly membership team for advice and also have access to our free 24/7 legal helpline. Find out more about legal benefits for Members.
Make sure all your staff are aware of the dangers posed by potential cyberattacks and know what they should do if they suspect a cyberattack.
It’s also important to reserve the right to look at all incoming and outgoing emails and the history of web pages that have been browsed from your business devices.
Carry out regular reviews of your online security to ensure your procedures are up to date and applied across all your devices and accounts.
Consider taking out cyber insurance to protect against financial loss from cyberattacks.
The NHBF works in partnership with Coversure Insurance Services (Huntingdon) to provide value-for-money specialist insurance cover for our Members in the hair, beauty and barbering industries.
Find out what’s available for NHBF Members.
• Salons and barbershops are vulnerable to attack by cybercriminals – don’t ignore the dangers.
• Make sure all your business devices, including mobile ones, are password protected.
• Use two-step authentication where provided.
• Use a different password for each account, including social media accounts.
• Make sure your passwords are difficult to guess.
• Use regularly updated virus software on all your devices.
• Make regular backups – but ensure these files are not directly linked to your main computer system.
• Be on the lookout for fake emails to avoid ‘phishing’ attacks.
• Don’t use public Wi-Fi hotspots.
• Make sure your mobile devices can be remotely locked or tracked if stolen.
• Remember to comply with GDPR.
• Ensure your staff are trained in online security.
• Carry out regular security audits.
• Consider taking out insurance to protect against financial loss from cyberattacks.