Laster…
Cybersecurity for small businesses
Unilab handles the practical security layer most small businesses skip: multi-factor auth, verified backup, password hygiene, phishing protection and email authentication, included in your digital operations at a fixed monthly price.
The short answer
For a small business, cybersecurity is mostly a handful of basic habits and settings rather than an expensive product. It means turning on multi-factor auth, keeping a tested backup, using a password manager, applying updates, authenticating your email domain and helping the team spot phishing. Get those right and you have closed the gaps that catch most small businesses.
The core measures are more about routine and configuration than expensive tools, so for most small businesses the real cost is time and attention. With Unilab the security basics are included in your digital operations subscription at a fixed monthly price, so there is no separate security bill. The simplest way to get a number for your own setup is a free digital health check.
The practical layer
Small businesses rarely get breached by exotic hacking. They get breached through a missing backup, a reused password or an out-of-date plugin, and those are the gaps we close.
MFA on email, admin and the tools that matter. The single biggest reduction in account-takeover risk, switched on and checked.
Backups that are actually tested by restoring them, not just configured and forgotten. The difference between an incident and a disaster.
A password manager, no shared logins, and the obvious weak spots closed across the business.
Email filtering plus short, practical training so the team recognises the messages that cause most breaches.
SPF, DKIM and DMARC set up correctly so your email is trusted and harder to spoof in your name.
Software, plugins and certificates kept current. A lot of break-ins simply walk in through something that was left out of date.
Why small businesses are targets
Much of the attack traffic online is automated and indiscriminate: bots that do not care how small you are. Being little is not protection, being unprepared is the risk.
One reused password or one convincing email is enough. The fix is boring habits, not expensive tools.
There are new security and data rules on the way for Norwegian businesses, and they tend to reach further than people expect. Getting the basics right now means you are ready, whatever the detail turns out to be.
Need the compliance side too? See NIS2 for businesses, or check where you stand with a free digital health check.
If the worst happens
If you suspect a breach, the first hour matters most. Work through these steps in order, and call your IT contact early rather than late.
Take the affected device off the network (unplug the cable, turn off Wi-Fi) but leave it running. Pulling the power can destroy traces that help understand what happened.
From a clean device, change the passwords on email, bank, admin and anything reused. Turn on multi-factor auth where it is missing.
Alert your team, your IT contact and, if money or payments are involved, your bank. Speed matters more than looking polished.
Note the time, what looks wrong, any messages or ransom notes, and what you have already done. This helps whoever assists you, and any later report.
Once the cause is understood, rebuild from a backup you trust rather than paying or hoping. This is why a tested backup matters before anything goes wrong.
If personal data may have been exposed, there can be obligations to report it, and the privacy rules set out how that should be handled. Get advice early so it is dealt with correctly and on time.
This is general guidance, not legal advice. A serious incident, especially one involving personal data, may carry duties under Norwegian law, so get qualified help early.
FAQ
In practice it is a handful of basic habits and settings, not an expensive product: multi-factor auth, tested backup, a password manager, updates that actually happen, email authentication and a team that recognises phishing. Together they close the gaps that most small businesses get caught by.
The core measures are mostly about routine and configuration, so the cost is more about time than expensive tools. With Unilab the security basics are included in the digital operations subscription at a fixed monthly price, with no separate security bill. The best way to get a number for your setup is a free digital health check.
Yes. A lot of attack traffic is automated and does not target you personally, it just looks for any open door. Being small is not protection, being unprepared is the risk.
For most small businesses the impact is more likely to be indirect than direct, often as a supplier to a larger customer who has to document their supply chain. The rules in this area are still being worked out, so rather than guess at the detail we keep your basics in good shape so you are ready either way. See our overview page if you want the bigger picture.
Disconnect the affected device from the network but leave it running, then change the important passwords from a clean device and tell the people who need to know. The step-by-step checklist above walks through the rest.
Other add-ons
Add-ons sit on top of any subscription level. Most customers start with one and add more as the business needs them.
Ready?
Book a free health check. We score your current security and tell you the three things worth fixing first, in plain language.