Last week’s announcement of a wide-ranging cyber attack targeting Australia has understandably put everyone – particularly business owners on edge.

And while government officials have stated that the attacks are mostly targeting Australian government organisations, operators of critical infrastructure and private sector companies, it’s important to still be vigilant. That is, while your salon may not be directly targeted, the institutions that you use -such as banks, e-commerce hosts and the ATO – may well be.

Regardless, it’s a good time to take a refresher course on keeping your salon safe from cybercrime and fraud.

Phishing occurs when cybercriminals trick business owners  into clicking and opening malicious attachments or links, usually sent via an email. Criminals have become increasingly sophisticated, making phishing emails, links and websites that appear to be sent from legitimate companies or individuals. When clicked, though, it allows hackers to access the employees’ personal and company information. Salon owners must to educate employees about the dangers of phishing scams, while ensuring they invest in systems and software have security measures against phishing threats.

Unauthorised downloads
Allowing staff to download applications onto the salon’s system can pose a security threat mid those apps run scripts that take control of computers and devices, spreading viruses onto networks.

Often, a pop-up message will advise that the existing security protocols are unable to verify its authenticity. That said, some apps will not trigger the warning pop-ups, which can lead to unwitting staff members downloading the unauthorised applications.
It’s worthwhile for salon owners to put a policy in place where only authorised members of the team are able to have administrative access to download applications, and only once those apps have been sufficiently researched.

Weak passwords
Weak passwords make up 63 per cent of all security breaches, according to the study. Guessing passwords is most-times the first trick of a hacker; it is the simplest way of breaking into a system. To counter this, organisations should insist on regular changing of staff passwords, as well as passwords for all accounting software, and a policy against using their own names, birth dates or business name should be put in place.

Outdated software
You know how it goes: you’re up to your eyeballs in payroll, re-ordering stock or confirming bookings, and that pop-up notification suggesting a system reboot fills your screen. Chances are, you select ‘Remind me tomorrow’ and carry on, right? That said, it’s sop incredibly important to be vigilant about updating software as soon as that niggly notification appears.

The system updates are there to strengthen your security, and not doing them opens your salon to risk of attack on weak spots.

Visit the #BEAUTYSTRONG hub at

For more news and updates, subscribe to our weekly newsletter.