Lockdown Update

After the government’s announcement on Saturday of a new lockdown starting this Thursday – we’ve updated our content in this blog post to provide SMEs with the essential information to keep their businesses operating securely online during this extremely difficult time.

Whilst some businesses might be tempted to revert back to their original lockdown plans – don’t, not without first reviewing your security protocols, VPN connections, disaster recovery plans – and all sooner rather than later to make sure they’re still fit for purpose. Because cybercriminals won’t miss a heartbeat to find and exploit vulnerabilities in your security armoury. It only takes one second of lapsed concentration and they’re in. They’re also getting more sophisticated in their techniques and now it’s you who has to raise your game.

It’s not too late to review your state of readiness for lockdown

Our team is on hand and set up to work remotely – ready to guide you through a review and then prepare for days, weeks and months ahead.

What does Review mean?

Review is when a business undertakes an ‘inside-out’ assessment of its online operational environment, the robustness of its cybersecurity measures and state of preparedness through to its overall resilience.

Questions businesses need to ask themselves when considering a review:

  • What does your business need to do now to prepare itself for the second lockdown? 
  • Are your business continuity plans still relevant?
  • Are there any cost savings you can make? and fast? 
  • How efficiently are you operating way in today’s and then tomorrow’s new working ‘normal’?
  • How successful was working from home for your employees previously? What can you do to make it better? More secure? 
  • What are the main issues which need to be fixed? What do you need to prioritise on the to-do list and how to start?
  • What are the lessons that have been learnt over the last few months, how can you share them across the business?

Why Review?

When the first pandemic wave hit with the subsequent lockdown in March, the three top priorities for businesses were:

1) To set up a safe environment for their employees to work from home

2) Protect their online operations against the increased threat of cyberattacks 

3) To keep their businesses trading

No easy task given the speed at which teams had to adjust to new ways of working and delivering service. Months later, and SMEs have had to adapt to managing the constantly changing ‘business normal’, and now as we write this, a second nationwide lockdown has been announced and businesses are bracing themselves for the impact it will have. However what they also need to be doing is to be ready for when their business comes out of this lockdown and how to come through the economic downturn which will follow. 

Review is an essential step – here’s why? 

Whilst many of the steps taken in the March lockdown were initially perceived as temporary measures, these must now be adapted to become more permanent as working habits have evolved and remote working if possible is the new default choice for many employees, especially with a second lockdown days away. 

60%* of the UK’s adult population worked from home during the lockdown 

26%* of them are planning to continue to work from home permanently or occasionally after lockdown.


However, the technology vulnerabilities of people WFH has resulted in a significant rise of cyberattacks and increasingly sophisticated phishing attempts. This has been particularly difficult for SMEs who operate without the bigger security budgets of larger businesses which has made them soft targets for cybercriminals. Whilst many have been able to hold back the attackers, the reality is it’s a matter of ‘when’ not ‘if’ a data breach or worse occurs. To add to this, many of the company security policies, continuity plans, disaster recovery plans need to be urgently reviewed to see if they still remain valid today and for the forthcoming lockdown. 

A data breach does more than cause enormous reputational damage, it can literally stop a business in its tracks  and for SMEs struggling already, this might be the critical blow stopping any possibility of a future recovery. 

The review however is not only about securing your online operations. As the business trading environment gets harder, cost savings will become more critical and a review helps a business to identify areas where both resources and budgets are being wasted or could be used more profitably.

Bringing in third party experts as partners

One way to bring in the support needed for review is to work with external partners and SMEs outsourcing cybersecurity and cloud hosting experts is a recognised emerging trend because it makes sense. 

Partnering with specialists is the most cost-effective way for SMEs to have the level of cyber security support enjoyed by big businesses with dedicated 24/7 support and 100% support cover regardless of who falls ill on the team without the cost of taking on a full team. 

It also brings relief from the combat weariness that comes with IT teams being on a constant state of high alert, and who have not had the time to recover before the second lockdown goes into force. Bringing in cybersecurity specialists means they’re able to refocus on longer-term priorities such as developing new revenue streams.

How do cyber security and specialist Cloud MSP providers start a review?

A review provides a detailed overview of what is going on in your business operations. 

The best place to start is with internal audits and Digital Craftsmen in association with its partners, CloudHealth and Qualys are accredited experts in delivering Cloud Sprawl and Vulnerability audits. 

The Cloud Sprawl audit provides granular visibility of your cloud activity across the business with a detailed insight of the associated costs to help you cut spending – in some instances 30% or even up to 40%.

Latest Insights

Read the latest news, research and expert views from our master Craftsmen on cyber security and hosting issues, cyber risk, threat intelligence, network security, incident response and cyber strategy.