You appear to be using an unsupported browser, and it may not be able to display this site properly. You may wish to upgrade your browser.

We use cookies to collect anonymous data to help us improve your site browsing experience.

Click 'Accept all cookies' to agree to all cookies that collect anonymous data. To only allow the cookies that make the site work, click 'Use essential cookies only.' Visit 'Set cookie preferences' to control specific cookies.

Set cookie preferences

Your cookie preferences have been saved. You can change your cookie settings at any time.

Keeping your business safe online

Staff training, internet use, phishing and mobile devices

Last updated
30 Jul 2024

You can help protect your business from online threats by:

  • training staff
  • having policies on internet use and mobile devices

Training

Training can help make your staff better able to cope with security threats, like phishing or viruses.

The National Cyber Security Centre (NCSC) has free training for staff on why cyber security is important and how attacks happen. It covers:

  • defending yourself against phishing
  • using strong passwords
  • keeping your devices secure
  • reporting incidents ('if in doubt', call it out')

It's aimed at SMEs, charities and the voluntary sector, but can be applied to any organisation. You can find this free training on the National Cyber Security Centre website.

You can also find out about certified training on the National Cyber Security Centre website.

Internet use

If your business's staff have access to the internet at work, your business should:

Guidance on acceptable use of the internet is sometimes known as an 'acceptable usage policy'.

An acceptable usage policy tells staff:

  • when they can use the internet privately at work
  • what they are allowed to look at
  • how to use confidential information

You can find more advice on creating an acceptable usage policy on the Get Safe Online website.

Phishing

'Phishing' is a common type of online fraud.

It involves criminals using fake emails or web links to obtain sensitive information, such as:

  • passwords
  • usernames
  • bank account details

You can find advice about phishing on the Police Scotland website.

You can also find guidance on protecting your business from phishing on the National Cyber Security Centre website.

Using mobile devices

Mobile devices such as smartphones and tablets can be the targets of theft and online threats.

Your business should offer staff guidance on the safe use of mobile devices, such as:

  • protecting devices using a PIN
  • installing internet security software, updates to software and apps
  • making sure devices can be tracked, locked or wiped
  • avoiding the use of public Wi-Fi
  • watching out for 'shoulder surfers' when using devices in public

You can find advice on using mobile devices on the Get Safe Online website.

You can find guidance for organisations on how to use devices securely on the National Cyber Security Centre website.

Back to top