New Zealand Small Businesses make up 97% of the 500,000 registered businesses in NZ. They employ 30% of the 2.7M kiwi workers and generate 30% of New Zealand’s GDP.
NZ Small Business is the bedrock of the kiwi economy, but the Covid19 pandemic has highlighted the need for small businesses to have a digital presence online as well as a digital Business Continuity Plan to continue trading in times of physical lockdown.
This blog is a high level document for New Zealand Small Business to understand requirements, considerations and guidelines helping their digital transformation journey.
Why is it important to have a digital presence?
The devastating effect of the Covid19 pandemic has highlighted the need for having a digital presence to maintain some level of business continuity during the national lockdown we have been experiencing in NZ and globally.
This is no longer a nice to have, but essential tools for continued operation as well as additional sales and marketing avenues.
What is the cloud and how can this help NZ small business?
Cloud providers enable businesses to move their on premise infrastructure and services to the internet. This allows readily available access to their business data from multiple devices, wherever they can get an internet connection. Cloud business solutions ensure no one is reliant on a single computer, or a single location for accessing important business information, and that data is always there when needed.
Cloud - Pros & Cons
Pros- No infrastructure to maintain
- Cost saving on power & hardware
- Ease of use - intuitive platform use
- Web & Mobile friendly
- Data backed up & always available
- Security best practises
- Scalable to your needs
- Accessible & affordable services
- Need reliable internet connection
On Premise - Pros & Cons
Pros- 100% control of physical equipment & data
- Support legacy hardware or software for your business needs
- Need to secure your equipment
- Data backup & restore risks
- Need local tech support
- Hardware & power costs
- Upgrades
Cloud services
To be digitally alive, you need some basic services. Not all of these are relevant to every business.
DNS – DNS essentially translates at IP address on the internet into simple readable word format.For example gigexchange.com translates to an ipv4 address of 104.26.1.24. To own a domain name, you must first purchase the domain name via a domain registrar such as godaddy or crazydomains. It is critical to ensure you own and manage the domain name via your registrar, as if done via a third party they can shut down your domain name at any time. DNS is also critical for managing email security, which is discussed later in Security Best Practises.
Email – Cloud providers such as Gsuite/AWS/O365 all allow businesses to configure your own domain eg me@gigexchange.com name rather than gigexchange@gmail.com. This provides a more professional look, but also allows the business to create multiple accounts me@gigexchange.com, me1@gigexchange.com for employees of your business.
Storage – Cloud providers provide simple and scalable storage solutions such as GSuite & google Docs. Allowing simple save & edit functions online, removing the need for old school file servers. All data is immediately saved, so no dramas with data loss and its readily available from all web and mobile devices.
Apps & database– PaaS (Platform as a Service) allows developers to build applications & databases without the need for maintaining associated infrastructure. From a business perspective this allows the business owner to focus on the service/application, simplifying IT and making it more scalable to their needs.
Website – Having an online presence is critical to business survival. If your business or service is not found online, you are missing a significant sales & marketing opportunity. But also as we found during the Covid19 pandemic, having a digital presence with an ecommerce online payments solution in place ensured many businesses began operating as soon as feasibly possible, providing a contactless service fulfilment to their customers.
Communication & Collaboration Tools – Unified Comms tools like Slack, Zoom, MS Teams, Skype, Trello & MS Azure DevOps allow business colleagues to maintain digital communication and collaboration of workflow tasks.
Which Cloud Provider to use?
Gigexchange is biased, we are built on google products and believe Google Cloud offers the best products and pricing, but that’s just our opinion. Below is a graph showing current market share. This is a rapidly changing environment.
What type of website?
The term don’t judge a book by its cover should be changed to website. Some websites may be simple static 5 page sites built on WIX or Squarespace, whereas a slightly higher grade wordpress site may look and feel not too dissimilar. But nothing compares to a powerful Progressive Web App (PWA) built on the latest Angular frontend technologies, powered by a serverless NoSQL globally indexed backend database, capable of 100M subscribers, such as gigexchange.com
Most small business may only need the static 5 page solution with an integration to a third party payment provider. Understanding your needs is critical to delivery of the correct solution. But having a searchable online presence is the first step to increasing your digital presence and growing your sales avenues.
Risks & Threats
Having a digital footprint brings its own challenges. Mostly in the name of Cyber Security & fraud. Below is a high level review of solutions and best practise behaviours to help small business combat the digital threats online.
Solutions & Terminology
Anti-Virus – Endpoint protection acts as an important layer to protecting your business data. Anti-Virus technologies have come a long way in recent years. My personal preference for any end point protection is cloud based Next Gen solutions like Cylance or Crowdstrike. These are AI behavioural based and offer greater zero day threat mitigation.
Firewall – Historically network based firewalls controlling application port based traffic inbound/outbound of the business internet link. Next generation now inspect traffic at a deeper level within application protocols eg ie http header. Firewalls can also operate as Web Application Firewalling (WAF) in front of websites to minimise exploit techniques and data loss.
VPN – Virtual Private Network – A hardware and/or software solution providing secure encrypted traffic to an external destination across untrusted internet connections. A VPN can provide secure remote access to on premise infrastructure, allowing businesses to securely access data across the internet.
DNS Security – This is becoming increasingly important as hackers are hijacking domain name traffic and stealing data. Securing your DNS to use additional security measures limits the ability for this traffic to be hijacked.
Web Proxy – allows businesses to monitor and control inbound and outbound web traffic of both employees and other internet facing endpoints.
Email Security - Email is the biggest vector for potential threats into your business. Cloud providers have built in services to control and mitigate against common threat techniques such as
Phishing – technique to obtain personal data unwittingly. Usually by sending a link to a website that looks like a site you trust whereby you enter username passwords which are later used against you.
Malware – attachments that execute code to damage your infrastructure
Spoof emails – emails forged to look like someone else. Usually to then obtain data for nefarious means
Ransomware – malware than usually blocks business access to its own data until money is released to hacker
Spam – unsolicited or bulk emails to overload email infrastructure.
Ensure SPF, DKIM & DMARC setup within Email infrastructure to optimise Email security within your organisation
Ensure TLS is enabled for all communications
Security Best Practise
The list is endless for Cyber Security Best Practices for NZ Small Business, but below are a good starting point.
DNS – own your DNS registrar login and domain names.
Setup DNSSEC
Setup DKIM
Setup DMARC record to monitor
Setup SPF
Setup IAM policies and controls to manage access requirements for employees using your cloud infrastructure.
Restrict and limit privilege access to specific functions of your business
Use Multi-Factor/2-Factor Authentication (MFA/2FA) for all applications
Monitor for Data Loss Protection (DLP)
Secure your office router WIFI controller removing default passwords.
Setup security with WPA2 (+) for protection & encryption
Have a clear password policy for business
Employees
Safe and controlled storage of passwords
Restrict privilege access so one user account cannot access all applications/services
Educate staff to identify cyber security risks.
Ensure Anti-Virus installed and monitored on all business endpoints. Cloud/AI agents preferred.
Ensure your website runs only on HTTPS, not HTTP.
Document your backup/restore & Business Continuity Plan in event of a Cyber breach
Monitor your systems
Set the alerts up to tell you when something changes rather than having to periodically review if possible.
Ensure alerting is active and working
Protect your perimeter. Whether you are on premise or in the cloud, protect your assets with the relevant firewalling, VPN or proxy.
Ensure your online payment solution is 100% secure
Ensure TLS email communication enforced
Monitor software and vulnerability patches and have an action plan
Layered defence. Think of security like an onion. Not because it stinks, but the more layers the better.
Mike is the Founder of gigexchange.com and a Network Security Consultant with over 20 years’ experience helping businesses connect to the Internet securely.
If you are a New Zealand Small Business owner needing help with your digital transformation, gigexchange can help you find the IT network security cloud contractors, freelance web designers and freelance web developers. If you are a larger Corporate, with dedicated channels for independent workers to enter, then your Managed Service Provider, IT Consultancy company or recruitment agency can help deliver these workers to your business in collaboration with our platform.