Blog Layout
How Your Employees Can Help Protect You From Cyber Attacks
Andrew Stubbs • Jan 09, 2022

Think of all the information you use in your business. Chances are nearly all of it is electronic – your website, emails, accounts, CRM and payroll information are probably all stored electronically, either in your office or somewhere in the cloud. 


Now, what would happen if you suddenly lost it all? What if you found someone had deleted it all, or encrypted it so they can charge you a fortune for the decryption key? 


What would you do? Could you get it all back? How long would it take? And could your business survive the disruption?

 

The reality of cyber attacks 


While this may sound like a nightmare, cyber attacks like these are becoming more and more common. They're now the fifth largest global threat (just behind data fraud), and no business can afford to just sit and hope it doesn't happen to them. 


"But mine is just a small business?" I hear you say. "Why would they attack me? 


Quite simply, because they can. Most cyber attackers aren't doing it to make a profit. They simply want to cause as much disruption as they can, knowing the business they attack will suffer significant downtime, financial losses, and damage to its reputation. 


Unfortunately, even the best defences from your IT department or service provider can't keep them at bay if your employees are letting them in the front door. It could be opening that 'phishing' email and unknowingly installing a virus, giving their ID and password to the 'person from IT' on the phone, or even accessing the office network from a laptop over an unsecured wi-fi connection. 


Which is why you need to teach all your employees about cyber security and how to avoid falling for these traps. And you need to have regular training sessions to keep them up to date on how to defend themselves from the latest methods of attack. 


What your employees need to know 


Your employees should know how cyber attacks happen, particular in light of "social engineering" attacks – phishing emails, phone calls asking for login information, etc. This teaches them what to look out for, and how they can stop the attackers in their tracks.


They should also know what to do in these situations (especially if they accidentally do something wrong), and how to report them. 


You may want to arrange random 'tests' to see if your employees know what to do. For example, have someone pretending to be from the IT department ask for personal information. Do they report it, or do they give up the information? 


Educate your employees about scanning USB devices (ideally on a standalone computer) for malware and viruses before opening any files on them. 


What you can do 


You can also help your employees follow safe IT practices to minimise the chances of an attack. 


Give all employees with laptops access to a Virtual Private Network (VPN) service and show them how to use it. This will stop attackers 'eavesdropping' on their information if they're using an unsecured wi-fi connection. 


Encrypt the hard drives of all laptops. This will prevent the information on them being accessed if the laptop is lost or stolen. 


Have your IT team set up a policy that forces all users to choose strong passwords (i.e. using upper- and lower-case letters, numbers and symbols), and change them every month. 


Make sure all computers are running anti-virus and anti-malware software, and that they are kept up to date. 


Stay vigilant, stay safe 


The reality is that your business will never be safe from cyber attacks. But educating your staff, and giving them the tools to defend themselves, will greatly reduce the chances of your business becoming the attackers' next victim.

Why Your Business Needs to Invoice Using the New Peppol Network

By Andrew Stubbs 05 Jun, 2022
Here's some good news if your business sends invoices to business or government customers. Peppol* is on its way. (That's Peppol, not Peppa .) Ever had this conversation in your business? You or one of your team: "Hello, I'm calling to follow up the invoice we emailed to you last month. It hasn't been paid yet." Customer: "Really? We didn't receive that invoice?" In addition to the time and expense of following up, the cash flow delays create stress for you and they hurt your business. Thankfully, the adoption of Peppol will solve this problem. What is Peppol? Peppol is an obscure acronym for Pan-European Public Procurement On-Line. What's more important than what it stands for, is what it enables. Peppol is an international 'eProcurement' framework for the electronic exchange of information. It creates a standard approach for governments and businesses to structure and exchange information such as invoices and other documents. What Peppol means for you and your business Peppol makes electronic ordering, invoicing and shipping between governments and private companies faster, simpler and more secure. This means your business will get paid faster when dealing with government and larger businesses. In 2019, Australia and New Zealand adopted this platform for e-invoicing which, when implemented, will make 'we never received your invoice' issues virtually impossible. The new e-invoicing system is more secure than email and provides many other benefits. Which countries are adopting Peppol? There are currently 40 OpenPeppol member countries: 32 countries in Europe plus Australia, New Zealand, USA, Canada, China, Japan, Mexico and Singapore. Each country has a Peppol authority. For example, in Australia that's the Australian Tax Office (ATO). Is Peppol already in use? Yes it is. For example, the SuperStream system in Australia-which many businesses are currently using to automate the payment of employee superannuation contributions-is based on the Peppol protocol. How does e-invoicing work? The system connects the accounting systems of all businesses and government departments via the secure Peppol network.  Suppliers generate sales invoices in their accounting systems which are sent to Peppol.

Company Director? Why You Need to Apply for Your DIN

By Andrew Stubbs 04 May, 2022
If you're a director of an Australian company-or you plan to be-take 5 minutes now to read this article. All existing directors (and intending directors) of Australian companies need to be aware that the Australian Government has announced the introduction of a new mandatory Director Identification Number (DIN) system. (You'll notice the term director ID is also used for DIN.) This system is the initial step in the Modernising Business Registry (MBR) Program which has been established under the Treasury Laws Amendment Act which was legislated by the Australian Government in 2020. More information on the MBR program can be found here . What is the DIN system trying to achieve? The DIN aims to provide accountability and traceability of a director's relationships over time, across all companies and will provide information on a director's involvement in what may be repeated unlawful activity, including illegal phoenix activity. It should also solve the problem of false or fraudulent director identities. What are the key features? It is mandatory for all directors, foreign directors and alternate directors of Australian companies to hold a DIN. The DIN is a unique 15 digit number. The first 3 digits will be 036 which is the identifier for Australia. The last digit is a check digit to help with accuracy when quoting your DIN. Like your tax file number, you will only be issued with one DIN which you will hold for life - even if you cease acting as a director for any period. To obtain a DIN, you will need to prove your identity so you will not be able to hold multiple DINs. Other office holders (e.g. company secretaries) are not required to register. The director is responsible for updating the DIN records for any changes in personal information within 7 days of the change. The director must apply personally. The process cannot be completed by your accountant, lawyer, spouse or executive assistant. There are significant penalties for non-compliance. How do you apply for a DIN? Directors have 3 options for applying. You can apply online from 1 November 2021. To use this method, you must first establish your identity via myGovID (an app you download on your smart device which is different from myGov). Once set up, your myGovID will make accessing a wide range of government services easier. (It's not just for your DIN application). For information on how to set up a myGovID please go to https://www.mygovid.gov.au/set-up During the DIN application process, you will need additional information such as your tax file number (TFN) and your residential address as per ATO records. It would also be advisable to have other personal details such as bank account details, medicare card or a recent income tax assessment available in case these are required. You can also apply by phone ( 13 62 50 ). During the call, the operator will ask for the identity documents you would have used to obtain your myGovID (passport and driver licence) as well as the additional information listed above. These details will be confirmed with the records held on existing government databases and, assuming the details agree, your DIN will be issued. Or you can apply by mail, but this is not recommended because the process for doing this seems vague ("Write to us") which means you can probably expect a lengthy process of certifying documents and coping with the vagaries of the postal system. One of the other two methods would be a better choice. When will you need to apply for a DIN? Transitional arrangements will allow directors to become familiar with the new requirement. When you need to have a director ID will depend on when you were appointed as a director.

7 Best Practices for Setting Your Small Business on the Success Track

By Andrew Stubbs 07 Apr, 2022
If you're a small business owner, you're always on the lookout for better ways to go about routine tasks to boost growth and underpin reliability. So, yes, you have the will; now, what are the ways? What are those consistent routines you can instill that will have the most benefits? This article looks at the top 6 things you can do to help your business thrive. We're going to cover finances, goals, marketing, technology and you ! So, let's take a look… 1. Your finances are a scorecard … and a predictor Boil it all down and dollars in the bank are the report card on the health of your business operations. Surprising then that so many people don't really pay much attention to how much they've earned, nor how much they're likely to earn. As much as it might feel like a chore, reviewing your sales and financial projections and then using them to ascertain if you need business financing is a discipline worth cultivating . If you suspect that your cash flow is precarious, you should be checking out your options today. First metric to check: your credit score. If it is too low, you need to take steps to shore it up. Next, check in with your bank or finance broker about what loans are available. 2. Goal setting, goal achieving, goal celebrating So, if you're using current and future dollars in the bank to keep score, the next thing is to do something about it. This is where goal setting comes in. If thoughtfully set and persistently pursued, goals help you orientate your willpower and your energy at each moment of the business day. This is the hidden power of goals: giving you a good sense of direction and a way to channel your instincts towards wise objectives. Constantly checking in with your goals makes them a benchmarking tool to keep your business pointed in the right direction. Yes, just having goals helps. Actually achieving a goal helps too, of course! 3. Increasing the impact of your marketing Marketing is not magic. It is not a mystery. It is not an art. However, many less-than-reputable marketers will try to claim that it is. They do so to gain wiggle room to pad their invoices and cover up their lack of skill. What this means is that it is easy to waste money on ineffective marketing. The good news is that there are many low-budget marketing strategies that actually work to help grow your brand and reputation. Scout around on the internet and choose one or two new tactics. Deploy them and test them. If they work, double down. If they don't, try something else. If you can't tell if they're working, also try something else. Social media is the obvious starting place for these low-stakes experiments and the old classics of LinkedIn, Facebook and Twitter are where to trial them. 4. Bringing your business up to date technologically The ability of modern productivity and project-management tools to give small players the same capabilities as the big boys simply cannot be ignored. Harness them properly and they'll let your small businesses operate with the same productivity as the titans of your sector. And, if your business is in the services sector, the increased controls that business technologies can yield also lets you be highly agile - that's something the big boys can't do. So, ask yourself: are you taking full advantage of what's out there? Don't worry, the answer to this question is always 'no' - the field is simply moving too fast for anyone to be able to take full advantage. However, if you have a realistic view of your needs, then you have a yardstick to help assess all the solutions out there. When you know what you need the technology to do, then you can wisely choose what hardware, software, platforms and techniques to introduce. 5. SEO has changed and it is going to change again Google - indeed all platforms offering broad search functions, from Youtube to Facebook - are constantly altering and optimising their algorithms. This, in turn, means SEO practice must constantly evolve to keep pace. So, if your SEO approach hasn't been overhauled in a few years, the time has come to give it some attention. Do a review of best practice and score how you cater to SEO in your online presences. Yet, because the underlying concept of SEO has not changed, the corrective actions you need to take may not be major. Then again, they might be! It is better to know unpleasant news sooner than outright bad news later. 6. Download the right new apps The remote work trend has gone mega and this means mobile productivity apps are very much of-the-moment. See, you can get a surprising amount done with just your phone and tablet. And apps are how it all happens … plus connectivity and a full battery, of course! Usually, apps are best for keeping an eye on things, boosting effectiveness on the "busy" tasks and enabling you to give your stamp of approval to work that needs your say-so to progress. In general, these are not value-adding tasks, just the value-neutral tasks that get in the way of the value-adding tasks. Now, there is no end of apps out there. So, as always, don't bother looking until you have some idea of what you need. 7. You are the ultimate business tool Health is the single most important aspect to consider for anyone running a business. It's the non-negotiable factor that governs everything else you are capable of. To adapt a quote from Arnold Schwarzenegger, being fit and healthy is "a status symbol. It reflects you worked hard for it; no money can buy it. You cannot borrow it, you cannot inherit it, you cannot steal it". This means that you must get enough sleep every night (most people need 7 hours or more). This means a healthy diet must become your preferred way of eating. This means that you should exercise every single day (except when sick). This means you must give your mind a rest too . Meditation isn't some mystic monkish thing, it's simply the practice of letting your thoughts come and go while you - the observer - stay peaceful and undisturbed by them. Think of it like this, meditating is mediating your mind. Take stock, choose wisely, make small steps in the right direction In this article, we've talked about some improvements you can make to what you're already doing. You don't have to do all of these at once. Start with the one that seems easiest and then stick with it to see if it works. Remember, it's not always about big changes. Often, you can make major improvements in outcome by making small changes to input. Doing the little things better. So take stock, choose wisely and be sure to make those small steps in the right direction for success today, tomorrow and the next day.
More Posts
Share by: