Let’s face it, the reason you started your own business was hardly to wear the hat of system admin and spend your days worrying about the security and impregnability of your online systems, customer data and IP, was it?
However, startuppers and entrepreneurs really shouldn’t neglect online security. A 2013 survey by Ponemon Institute revealed that 55% of small businesses experienced a data breach, with data loss or theft costing money, clients or their hard-earned reputation. Ouch.
One of the main issues highlighted in this survey? Small business owners don’t always have the resources or expertise, let alone the time to deal with online security in any great depth. The thing is, it isn’t actually that hard or expensive.
Auditing the online security of your business doesn’t have to take long or cost the earth: this free health check tool will be a good starting point for instance. And here are a few quick and easy fixes to ensure your startup or SMB is safe online:
1. Protect Your Kit
Yes that’s an obvious one, but always worth mentioning: get hold of a good anti-virus that will protect your business against malware, spyware and hacks. Many free options are available, but if you also want to protect your network or have several computers in your organization, a business solution will be best. If you want to compare the best software out there before making a decision, Techradar has a very handy buying guide.
Bear in mind that security software is most effective on the latest version of your operating system, so remember to upgrade.
2. Beef Up Your Password Policy
Far too often, the same password is used across devices and systems. Yes, really.
A strong password should contain at least eight characters and include a mix of uppercase, lowercase, numbers, punctuation and symbols. If you are ensure of the strength of your passwords. Microsoft has a useful free password checker tool.
If you struggle to come up with strong passwords, try one of these tools: Random Password Generator, Strong Passwords Generator or Free Password Generator.
Finally, if you struggle to remember them all, invest in a password management tool. LastPass, SplashID Safe or RoboForm are very popular and considered the most secure on the market. It doesn’t have to be expensive either, some of them offering a free package with all the features you need.
3. Encrypt or Face the Music
Strong passwords are one essential foundation to your business’s security, but are not always enough. If you’re storing business critical data that competitors shouldn’t access, or customer’s information that you are by law required to protect, think about encrypting them too. This will ensure that the data can only be accessed by authorized users who have the decryption key. AxCrypt and AES Crypt are both easy to use and free.
Don’t neglect the risks associated with taking your devices outside of the office either. Only recently, the small UK-based loans business Jala Transports was fined by the Information Commissioner’s Office after an unencrypted hard-drive was snatched from a car whilst the driver was waiting at a traffic light. If you need to carry personal data around, an encrypted USB memory stick might be required.
4. Transfer Data Securely
Never send sensitive information over email. Email providers regularly get hacked, and if you aren’t confident in its security at your end, you can’t be sure of what will happen at your recipient’s end either.
FTP (File Transfer Protocol) allows the transfer of large or numerous files over the internet. Although convenient and easy to use, FTP doesn’t use encryption so user credential and files can be easily intercepted by hackers.
SFTP (Secure FTP) uses encryption when transferring files, adding an extra layer of security. Popular free SFTP include FileZilla, WinSCP or CoreFTP.
5. Mind Your Network
Your data can not only be accessed on your devices and when being transferred, but also through your internet network. If the network is left open or accessed by unauthorised users, risks are that data can be compromised, or malicious software installed without you knowing.
Make sure that you never access or transfer valuable business data through public Wi-Fi. “Public Wi-Fi is inherently unsecure. Anyone using it ought to do so with the premise that everything you do is visible to a third-party stranger with access to that hot spot,” said Kevin Clark, an expert in cybercrime based in New Jersey.
It is also a good idea to check which devices are connected to your network, especially if you are based in a shared-office space. NirSoft is free and easy to use, and will let you know within a few minutes of scanning your network the name of devices connected to your network and their IP address. If anything looks abnormal, it’s time to call an expert in!
This article was originally published by Under30CEO
Sabelline Chicot is a writer and editor working in digital publishing, where she covers entrepreneurship, new media and online security issues. With five years’ experience in the tech and digital industries, she’s developed a passion for new technologies, and the great potential they offer to small businesses.