Every business owner wants to find a way to secure their business from fraud and ID theft, yet with so many sources of information bombarded at us more than just a few times a day, how can you determine the most immediate – and important – steps you can take to ensure you’re safe?
I’ve boiled this down to five steps you can take right now to secure your systems – and, best of all, you won’t need an IT department or costly consultants to come in to help. While I’m not going to explain how to enable these technologies, you can read about it in any of the embedded links below.
1. Enable Multi-Factor Authentication
Sure, we want to get more done in less time, but this is one technology you cannot ignore. Simply put, multi-factor authentication is an extra bit of caution you can implement to make sure the people logging into your systems are authorized and approved. At SBS, we implemented Liscio, a secure file sharing and messaging platform; you may want to check it out for your business.
You’ve probably already seen multi-factor authentication on various banking websites or for technology downloads – and you should set it up on your website for users if they are downloading something important, or if you have a portal to do business.
A side benefit of multi-factor authentication is that requiring it for your customers makes you look like you know what’s going on with technology – and that you are taking an extra step to protect your users’ information. We call this “trust.”
2. Set up Your Own VPN
There’s a stigma that VPNs, or virtual private networks, are only for the larger companies because of the cost and number of users logging into a company’s system. Not true! There are simple VPNs that can be set up for any small business.
You can do your own Google search, but I found this page pretty easily – the top 10 VPNs ranked by CyberNews.
What’s great about VPNs is that they are entirely portable, meaning that no matter where you’re working – remotely at home, in the office or even on the beach – you’ll be able to tap into your own company VPN right on your device – laptop, phone or tablet. Doing this will protect you from drive-by baddies who will try to tap into your WiFi. It’s another extra layer of protection and a wise expense for your business.
3. Protect Your Passwords
You’ve read about passwords many times in my blogs – for a good reason. You really can’t be too careful when it comes to protecting your personal information and your company’s data.
If you’re still using your son or daughter’s name as your password, stop doing that as soon as possible. Any family member is a pretty easy guess for most anyone; all they have to do is visit your Facebook page (which you should also protect from any non-friends, but that’s probably another blog) to find out the names of your spouse and children.
There are several good password programs available, and the cost is minimal considering how effective they are. I use Dashlane, but there’s also LastPass and 1Password. The programs are mostly the same; once you install them, you can opt in to create an extension for your browser, so every time you log on to a website or create a new login/password for something new, you can set up any password you want or agree to an automatically generated one. The automatic option is long, jumped with uppercase and lowercase letters, and includes numbers and symbols – ideal for an impenetrable password.
4. Don’t Go Phishing
I’m sure you’re more than aware of phishing, but if not, brush up on it right away. Here’s a really good how-to article from the FTC.
Avoiding phishing scams is easy. Don’t click on any email without recognizing the sender, and if you don’t know the sender, right-click on the drop-down arrow after the sender’s name. For example, if you bank with Chase and get an email that seemingly looks like it’s from Chase, right click on the sender’s name. If it does not have the Chase domain URL, then it’s probably fraudulent.
Remember, big box stores that suffered security breaches with their customer’s information weren’t violated by someone who attacked the systems directly; it happened because an employee opened an email that contained a virus that penetrated the systems.
If you’re looking for help filtering the spam from true email, you might consider programs such as AppRiver. We use this one at SBS to filter mail. Whatever you decide to do, exercise caution and you’ll be just fine. You can’t be too careful when it comes to phishing.
5. Secure Your Devices
Just like several of the areas above, this one may seem obvious, but we’re all busy people who may forget to put away our devices and store them securely. I know one man who packs his laptop in his checked luggage. Can you imagine the consequences if his suitcase came open, let alone someone opening it up for inspection and stealing the laptop?
Whether you’re starting to travel or have a trip in the future, use your hotel safe to lock up your devices when you’re out and about. If you’re in the office or at your business, you can’t secure a PC tower, but you can lock up or take home any laptops and tablets.
The point here is don’t entice thieves by leaving your valuable hardware out for anyone to take. Be wise!
Ask SBS for Advice
We’re here to answer questions and guide you to make better business decisions, so reach out to us today – or any time in the future. Let’s all take security more seriously!