By Sage Singleton
Cybercrime may seem like a threat primarily for big businesses. After all, who would bother trying to hack the online equivalent of a mom-and-pop store? The reality, though, is that small businesses are increasingly becoming the targets of cybercrimes. If your business is primarily based online, the results can be devastating: as much as 60% of small businesses that have fallen victim to cyber attacks go out of business within just six months of the attack.
Obviously, you should do something—but what? For many small-business owners, cybersecurity is a foreign subject. It doesn’t have to be complicated, though. Here are eight easy tips to help improve your security and keep your online business safe.
1. Use strong passwords
Using good passwords is one of the most basic and essential things you can do to secure your business. Your passwords should contain a mixture of numbers, symbols, and letters (both lowercase and uppercase). Never use the same password for more than one account or service, and never use things like your anniversary or kid’s birthday because they are easily guessed.
If all these unique passwords become too much, consider using a password manager. This piece of software suggests secure passwords for you and—most importantly—remembers them for you. This means you can use all the unique, complicated passwords you want without fear. When you need to log in, you enter a master password that unlocks the others.
2. Keep software updated
Another fundamental part of basic online security is keeping up with software patches. As vulnerabilities emerge, software developers release updates that fix them. Most of the time, when your computer or app tells you updates are available, the updates are to fix security vulnerabilities.
Many people skip out on installing these patches. Sometimes this is because they pop up at inconvenient times. Other times it’s because they may also introduce changes to the way software works. Do not skip security patches. Doing so is like living in a bad neighborhood and leaving your front door unlocked. People will try to open it, and you’re just letting them right in by not updating your security.
3. Keep regular backups
Backups are critical in the event of a malware infection or other hack. They allow you to make a copy of everything on your computer and then restore your computer and data to that previous state in the event of a cyber attack, malware infection, or just simple loss of data. The latest versions of both Windows and macOS come with easy-to-use backup software already installed, so there’s no excuse on this one. If you want something a little fancier, there are a variety of programs available.
4. Educate employees on security best practices
You can follow all the best practices in the world, but if your employees aren’t doing the same, all the effort will be wasted. Take time to educate your employees on smart security practices for web browsing, email, and even social media. A hacked Twitter or Facebook account can damage a business’s reputation within minutes.
Inform them of your expectations for installing software updates and maintaining strong passwords. Consider investing in some professional training: an outside consultant can quickly spot poor security practices and tailor training to the specific needs of your business.
5. Make sure your hosting company takes security seriously
For an online business, choosing a secure web host is critical. When choosing where you will host your site, make sure to ask how the provider handles incidents like data breaches and DDoS (distributed denial-of-service) attacks. You’ll also want to make sure the host encrypts passwords and follows other security best practices. Don’t be afraid to shop around until you find a provider that meets all of your needs.
6. Use multifactor authentication wherever possible
Multifactor authentication systems require the user to confirm their identity using multiple methods. One method asks for both a standard password and a special code that is randomly generated each time and sent to the user via text message.
Multifactor authentication is an excellent way to secure an account, and you should enable it on every service that offers it. It only takes an extra couple seconds to log in, and unless a hacker has both your password and your smartphone, they won’t be able to get access to your account.
7. Use encrypted communications
If your business deals with sensitive information, consider moving to an encrypted messaging platform rather than communicating with traditional text message or chat programs. The advantage of encrypted messaging is that snoopers can’t see your conversations—this safeguard protects not only trade secrets but also financial, medical, and personal customer information. There are many apps to choose from, so try a few to find a great fit for your business.
8. Place restrictions on what employees can do with their devices
Finally, it’s a good idea to put restrictions on employees’ devices that prevent them from visiting potentially compromising websites, installing poorly secured software, and downloading possible malware. Most operating systems, including Windows, macOS, iOS, and Android, allow these restrictions to be put into place. Your IT department can also set up custom restrictions.
These eight tips should get you off to a great start with your cybersecurity. Remember, though, this is an ongoing battle. You have to stay educated to stay ahead.
Sage Singleton is a safety expert who enjoys teaching, individuals, families, businesses, and communities about safe lifestyle habits. Some of her work has been featured on sites like MSN, Huffington Post, Reader’s Digest, Paste and Babble.In her free time, she enjoys wedding planning, traveling and learning French.