Main content

Alert message

internet security

Securing your online presence helps protect Australia’s arts, recreation and education sectors. These businesses use a wide range of technologies and deal in sensitive data such as financial information, personal and private information, commercially sensitive data, and intellectual property (IP).

Your arts, recreation or education services business is likely to have websites, possibly with e-commerce and online services, all of which need to be secured. Your business should also focus on protecting its communications systems, mobile devices and servers and desktops.

Your arts, recreation or education services business may operate a website or websites to promote itself, provide information and sell products or services to customers. Some of these functions require you to collect customer details such as names and addresses, and credit card details. This information is extremely valuable to criminals who may try to steal it using malicious software ('malware) such as viruses.

You may also be subjected to domain name hijacking. This occurs when a hacker gets access to the domain control panel of your website and redirects it to a different web server. Visitors to your retail website are unwittingly redirected to the hacker’s website where their information and security can be compromised, not to mention your reputation.

Hackers may even compromise domain name servers so that when visitors to your website type in a URL, they are directed to a fake website. Security breaches like these are a threat to your reputation and your customers’ privacy.

How to protect yourself

  • Work with your technology partners to build security into your websites during development

  • Use commercial services that can scan your website regularly for malware and vulnerabilities

  • Talk to your website hosting company about the security measures they are employing to protect your web properties

  • Back up your website on a regular basis

  • Install and regularly update security software to protect your domain name servers

  • Using strong administrator passwords

  • Limit staff access to your domain registration account

  • Use a restricted or private email account to administer your domain registration

  • Keep your registration and contact details up to date

  • Monitor your domain and registration 

 Communications systems

Your arts, recreation or education services business relies on communications systems, including email, phones and messaging services, to function on a daily basis. However, these may be subject to threats such as spam, scams and malware.

How to protect yourself

  • Encrypt emails

  • Educate your employees on the safe use of email

  • Install up-to-date security software to block viruses and other malware from entering your network

  • Understand and apply strict security policies to the use of new communications technologies such as Voice over IP

  • Educate your employees about the risks of discussing sensitive project information on the phone, particularly in public areas 

 Mobile devices 

Your employees are also likely to be using mobile devices such as tablets, smart phones, laptops and notebooks for business tasks. These devices are vulnerable to loss or theft.

How to protect yourself

  • Encourage employees to use unique passwords on their mobile devices and change them regularly

  • Install and regularly update antimalware software on mobile devices.

  • Ensure all mobile devices run current web browsers, operating systems and applications

  • Educate your employees about the risk of inadvertently downloading malware onto mobile devices

  • Establish a virtual private network to allow users to securely access applications and information via a web browser

 Servers and desktops

You also need to secure your servers and desktop computers. When a machine is compromised it can be used to launch attempts to break in to, or disrupt service on other systems.

How to protect yourself

  • Install and activate security software on your computers

  • Install firewalls and antivirus software on your servers

  • Regularly update your server and desktop software

  • Read server reports, such as security logs, and monitor for changes and irregularities.

Business continuity plans are vital

No matter how many online security measures you implement, there will always be circumstances beyond your control. You need a business continuity plan to minimise the risk of information loss, and should regularly and securely back up your data. You should keep these backups offsite or in a cloud service with proven and audited security measures.

As new security threats emerge and you rely more and more on new technologies to do business, the security measures you implement today could save your organisation from problems tomorrow.

The Australian Government’s Stay Smart Online website offers advice to small businesses and other Australians about being secure and safe online. Stay Smart Online, in collaboration with Australia Post, Australia and New Zealand Banking Group Limited, Commonwealth Bank, National Australia Bank, Westpac and Telstra, has developed the Small Business Guide which is intended to help you put in place some basic online security practices.

Additional information can be found at