Online security should be a huge concern for any businesses. Companies like Wendy's, Yahoo!, Dropbox and Snapchat all fell victim to data breaches in 2016, and while you can't be entirely sure your systems will never be breached, there are steps you can take to protect your business from hackers or disgruntled former employees.
Let's get started.
Wi-Fi and Router Security
If you offer Wi-Fi to customers, make sure to set up a separate network for customers to use. Your router will need to have guest network functionality so that customers can use your Wi-Fi but your business's information can stay safe.
And don't forget to make sure your router is secure:
- Change your network's SSID (the name people see on their devices when they're searching for Wi-Fi in the area) from the default
- Change your router's password
- Enable WPA2 encryption if possible
Online Banking
If you bank online, the safety of your information is of the utmost importance. Follow these steps to protect your online bank accounts:
- Find a bank that offers two-factor authentication when you log in. Most banks will ask you to use a security code or send you a pin (as an email or text) that you'll have to enter after you've logged in. Make sure your bank does this to make it harder for someone to hack into your banking accounts.
- Never do your online banking on a public network. Only log in to your online banking account if you know the network you're using is secure.
- Choose a strong password, one that isn't easy to guess. Don't use your name or the names of members of your family for your bank account, and don't use the password you use for everything else. Create a password made of a series of letters and numbers, with some uppercase and some lowercase letters. Don't forget to add a special symbol (!@#$%) or two. And change your passwords regularly (at least every six months).
- Don't store your passwords anywhere on your computer. If you're worried you might forget them, use a password manager to keep them safe.
- If someone claiming they're from your bank calls or emails, asking for your login information, do not give it away. Hang up the phone or delete the email. Call your bank's customer service number to find out if it was really them calling or emailing you.
- Log out when you've finished, and clear your computer browser's cache.
Computer Security
When using your personal or work computers for business, be sure to take these steps to keep your business's data safe:
- Set up a firewall
- Install antivirus and anti-malware software
- Make sure you find a firewall, antivirus and anti-malware that automatically update for bug fixes and new security concerns
- Don't open email attachments (or click links) if you don't know the sender
- Make sure your antivirus or anti-malware software also scans websites to check that they're trustworthy
- Make sure your computer is password protected and that you change your password every few months
- Update your operating system regularly
- Don't install any new software without making sure it's safe (search for "[software name] malware")
- Back up all your files to an external hard drive
- Use encryption software for files and emails
Protecting Your Customers
- Have a privacy policy that states you won't give or sell your customers' information to anyone (and follow your privacy rules)
- Don't allow all your employees to access sensitive customer information, just those who actually need to have access to the information
- Shred or destroy customer documents when you no longer need them
- If employees have access to customer data, only allow them to access it from a work computer or a computer connected to your business's VPN (virtual private network)
- Train employees on data security
- If you allow customers to log in to view their information, require strong passwords and a two-step authentication like we discussed above
- If you have an e-commerce store, use encryption software for all transactions
Social Media Security
If employees post to your social media platforms for business purposes, it's a good idea to keep as much of your social information protected as possible.
To manage your passwords, use a social media posting platform (we use a proprietary platform only our employees have access to.)
If you do this, you and your employees can schedule posts and use social media to market your business, and you won't need to share the Facebook password with every new employee (and then have to change it when those employees leave).
What to Do if You Fall Victim to a Cyber Attack or Data Breach
Make sure you have a plan in place in case something like this happens. Save the number of a cybersecurity expert who can help you if your business's data becomes compromised or stolen.
Once you've spoken with the cybersecurity expert, inform employees, stakeholders and customers of the breach. Let them know you are taking steps to recover everything you can recover and prevent this from happening in the future.