Protect your business

Stay safe with tips on how to protect your business from threats to your premises and from rising cyber crime.

We have teamed up with North Yorkshire Police to create tips to help you prevent some of these emerging threats and protect your business. These include how business owners can keep their premises secure and stay safe online.

All the advice below is also summarised in the following leaflets that you can distribute to people within your business and share with your networks:

Tips and advice

Protecting your premises

Weekly walkaround

You should conduct a walkaround of your property at least once a week to check for any security and maintenance issues, as well as any signs of attempted break-ins or vandalism.

During this, you should check:

    • your security systems, such as alarm or fogging systems, are working as they should be;
    • all litter and graffiti has been removed, to make it clear that your business is still operating – this will make it less of a target;
    • all flammable materials are stored away securely inside a locked security cage or room, and that your bins are not stored near your building;
    • all the lights on your premises are working, to avoid any ‘dark spots’ that could give thieves a place to hide or interfere with your security cameras.

Doors and windows

Check all of your doors for any signs of rust or rot, and ensure they are in good condition, with no damage to the frames and locks.

Any doors with external access should have at least two locks, and all locks should display a kitemark that certifies that they reach the correct British standards. Any roller shutters and grilles should be checked to ensure they shut properly.

Any easily accessible glazing should be laminated glass – this method binds two sheets of glass together, creating a durable surface that won’t shatter under impact. Alternatively, you could apply security film to the inside of the window, which both strengthens the glass and can reduce visibility into the business, creating a one-way filter.

Alarm system

Ensure that your alarm system is working, and that, if tripped, it will send a response to the national Alarm Receiving Centre (ARC), ensuring a police response. Make sure any key holders know how to set it properly when locking up, to avoid accidentally tripping it.

You may also want to get your supplier to check your systems to ensure they are working as they should be.


Monitor your CCTV system to make sure all cameras are working and that they’ve not been covered by overgrown plants or damaged. Cutting back plants on your premises can also avoid the risk of thieves using them as a place to hide or store tools.

Protecting equipment and stock

Any physical stock should be stored securely, either in off-site storage or within a locked room or security cage. Make sure the keys for these are not stored on-site.

You may also have equipment that is essential to your business and needs to continue running, such as fridges, electricity or water supplies – check that these are working and in good condition to avoid fires or flooding within the business

If your business has vending or gaming machines onsite, ensure these are emptied of cash and labelled to reflect this to deter potential break-ins.



A strong password is the best defence against cybercrime – use one with a mixture of upper and lower-case letters, numbers, and special characters.

Make sure that you have a different password for all email and social media accounts, as well as any internet-enabled devices (such as smart speakers).

Likewise, make sure you change the default password on any internet-enabled devices, especially your router.

You may want to use a password manager to store your passwords, or use a root-and-tree system, where passwords are related to each other or a common subject, to make them easier to remember.

Additional authentication

Enable two-factor authentication where possible – this involves an extra layer of security, such as entering a unique code sent via text, to ensure only someone with legitimate reason can access the system.

This can be particularly useful for CRM systems, which often store personal or sensitive data.

Virtual walkaround

You should conduct a regular virtual ‘walkaround’ of your processes to check basic security measures such as:

    • ensuring that anti-virus software is installed and enabled across all devices;
    • reviewing your social media privacy settings;
    • enabling auto-updates across devices so that you’re always working on the latest, most-secure versions of software.

Backup systems

Backing up work can be one of the easiest ways to avoid data loss issues in your business – investigate an auto-backup service that uses a cloud-based system like Microsoft OneNote or Google Docs, or manually back-up your work at the end of every day.

Data security

Physically securing your data can be just as important – make sure USB sticks and external hard-drives are not left out at the end of the day, and are locked away securely and out of sight.

Criminals are using emails to ‘phish’ individuals – using a legitimate front or a good offer to trick them into sharing personal or financial data. Sometimes these contain files that they may ask you to open, or may even come from people you know, if their computers have been infected. If you don’t recognise the email address, or the request seems unusual, delete it – don’t reply and don’t click any links.

Protect against viruses

When browsing or shopping online, look for the green padlock in the address bar – this means the website you’re visiting is safe and unlikely to cause issues like virus transfer. Using anti-virus software can also block you from landing on unsafe sites, further minimising the risk of infection.


There has been an uptick in scams since the start of the coronavirus crisis, particularly around small business grants – if anyone claims to be able to secure a grant for you, or asks you to transfer money for a ‘processing fee’, end the interaction and call your local authority’s business support department or contact us. We will be able to advise you on whether the interaction was legitimate, and what to do next. If it sounds too good to be true, it probably is.