What can go wrong
- Important accounts may have no two-step login.
- Backups may exist but not restore.
- Old devices and apps may remain online.
- Staff or former contractors may keep more access than they need.
A practical cyber security checklist for Australian small business owners covering email, backups, updates, admin access, risky files, browsers, evidence and action planning.
Based on public ASD/ACSC Essential Eight guidance. Written for Australian small business owners who want a practical next step, not jargon.

Start with email, backups, updates and admin access. Then check risky Office files, browsers and apps, insurance evidence and your action plan.
This guide keeps the business problem first, then shows how it relates to the Essential Eight. It is a practical support guide, not a formal certification, audit, legal advice or insurance advice.
You want one simple list for your business, not a technical framework. You need a way to check the basics and decide whether to fix it yourself or ask for help.
You want one simple list for your business, not a technical framework. You need a way to check the basics and decide whether to fix it yourself or ask for help.
Use the related Your IT & Tech Mates tool to turn this guide into a simple self-check and practical next step.
Need help turning this into real protection? Your IT & Tech Mates can help set up two-step login, backups, updates, admin access, safer devices, and a plain-English cyber action plan for your business.
No. This is a plain-English guide based on public ASD/ACSC Essential Eight guidance. It is not a formal government certification or audit.
Yes. We can help with practical setup such as two-step login, backups, updates, admin access reviews, safer devices and plain-English action plans.