Free cyber safety tool

Small Business Cyber Safety Self Check

In five minutes, check the cyber basics that matter most to small businesses: email logins, backups, updates, staff access, risky files, and device safety.

Get a plain-English action plan and choose whether you want local help to fix the gaps. This is a practical self-check and preparation guide, not a formal government certification or audit.

Your IT & Tech Mates Small Business Cyber Safety Self Check hero image showing Australian small business owners reviewing logins, backups, updates, admin access and device safety.
Illustration guide: practical small business cyber safety support from Your IT & Tech Mates.

When to use this check

Use this if you own or manage a small business and want to know what cyber basics need attention first.

You are not sure where to start

Get a simple risk level and a short list of fixes instead of trying to read a full framework first.

You need to protect key accounts

Check whether email, cloud, accounting, banking and website admin accounts have basic login protection.

You need supplier or insurance answers

Find out which cyber evidence areas may need a closer review before answering business questions.

Answer the quick questions

Tick the statements that are true for your business. The result updates automatically.

Email, accounts and two-step login
Backups and recovery
Updates, devices and admin access
Risky files, browsers and business evidence

How this relates to the Essential Eight

Based on public ASD/ACSC Essential Eight guidance. This page uses small-business language first, then maps back to the technical areas.

  • Two-step login
    multi-factor authentication.
  • Software updates
    patching applications and operating systems.
  • Admin access
    restricting administrative privileges.
  • Safe backups
    regular backups and recovery.
  • Risky Office files
    Microsoft Office macro controls.
  • Safer browsers and apps
    user application hardening and application control.

This self-check helps small businesses improve Essential Eight alignment step by step.

What this means for a small business

The goal is not to make you a cyber expert. The goal is to help you protect the things that keep your business running.

Money

Email and accounting account protection helps reduce fake invoice and payment redirection risk.

Files

Safe backups help you recover if files are locked, deleted or damaged.

Staff devices

Updates and reduced admin access can limit damage if someone clicks the wrong thing.

What to fix first

If your result shows gaps, do not try to fix everything at once. Start with the few items that reduce the biggest everyday risk.

1. Protect email and key accounts

Turn on two-step login for email, cloud, accounting, banking, website admin and social media accounts.

2. Check backups and recovery

Make sure important files are backed up, recovery has been tested and ransomware cannot easily reach every backup copy.

3. Review updates and admin access

Keep computers and apps updated, remove old access, and avoid using admin accounts for daily work.

Related tools

Use the hub and related tools to check the other parts of your small business cyber safety setup.

Need help turning this into real protection?

Your IT & Tech Mates can help set up two-step login, backups, updates, admin access, safer devices, and a plain-English cyber action plan for your business.

FAQ

Is this private?

The tool runs in your browser and does not ask for passwords, login codes, card numbers or sensitive customer details.

Is this a formal assessment?

No. Based on public ASD/ACSC Essential Eight guidance, this is a practical self-check and preparation guide, not a formal government certification or audit.

What if I get a high-risk result?

Do not panic. Start with the top three fixes and get local help if the risk involves email, money, backups, staff access or customer records.

Updated