In honor of National Small Business Week, we’re blogging on a couple topics that affect all small business leaders. Those topics are cyber safety and productivity. Today’s topic is cyber safety tips.
We’ll be sharing practical advice on how to keep one of your small business’ most valuable assets, its data, safe. We all know cybercrime exists, but it’s one of those things that a lot of people assume only happens to others. But, making this assumption is very dangerous.
Did you know, in the last year, 50% of online adults were victims of some sort of cybercrime? This includes people who had their login credentials taken straight from them. And, people whose information was stolen from a hacked database. These types of crimes cost the global economy up to $500 billion each year. And, individuals aren’t the only ones being targeted. One in five SMBs have been attacked by cyber criminals in the last year.
Let that sink in for a moment – one in five.
Those are decent odds. Definitely better than winning the mega millions, or beating the house in Vegas. So, with odds like that you need to do everything you can to protect yourself.
Cyber Safety Tip #1: Strengthen Your Computer’s Own Defenses
What to look at:
- Your Firewall – Like a door keeps intruders and weather out of your house, your firewall acts as a barrier between your computer and the Internet. Turning it off for any reason, even for a moment increases your risk.
- Your antivirus software – If your computer is running Windows 8 or later, you have Windows Defender built in to help protect you against spyware and viruses. But, if you’d like more protection, here’s a list of legitimate providers of free and paid antivirus software for Windows. Once you install the software, make sure that you keep it up-to-date. Most antivirus software offers users the choice to have this happen automatically.
- Your operating system and other software – On average, computers have about 74 programs installed from 26 different vendors. Periodically, it’s important to check that the authors still support your software. Also, be sure to install updates when they become available.
Cyber Safety Tip #2: Be Vigilant and Learn How to Spot Fakes
What to do:
- Educate yourself and your employees – Investing time in an online class can help protect you. microsoft.com/protect and stopthinkconnect.org, offer advice on how to spot scams.
- Click with care – If you happen upon a website you think may be malicious, stop before you act. Often, malware creators will design the software so that its buttons don’t do what you’d expect. That way, they can trick people into taking their desired action. Instead, of clicking buttons inside the program itself, press Alt+F4. This will quit your computer’s active program or close your computer’s active item.
- Use your browser’s malware and phishing protection – Most offer features to protect users when they reach unsafe sites. Usually, before it connects to the website, your browser will display a bold warning. And then, give you the choice to continue to that site or go back to the last safe site you visited.
Below are instructions on how to do this in popular browsers.
Curious which of these browsers is the most secure? Check out this blog from pixelprivacy.com to learn more about the security features each offers.
Cyber Safety Tip #3: Safeguard Your Data and Finances
What to do:
- Encrypt sensitive data – Encrypting data makes it very difficult to access if it’s stolen. Microsoft Office and most other well-respected business solutions offer this as a feature. When shopping for new software, check that it will encrypt your sensitive data.
- Use security roles and rights management – Many of the solutions we offer, like Dynamics and Acumatica offer configurable security roles. These ensure each user has access to only the information they need. Rights management solutions a lot like this. They control things such as who can print sensitive information or copy it off your network.
- Use honey traps – To protect important accounts and documents, have Windows send you an email alert when someone tries to access them. That way, you can easily keep an eye out, and make sure that they do not fall into the wrong hands.
Cyber Safety Tip #4: Use Strong, Unique Passwords
Here are some things that separate a good password from a bad one.
- Use words that don’t make sense when put together. For example, BearStayBlueIceStar
- Have a mixture of words, letters, numbers and symbols. A password made up of numbers or words alone is not a strong one.
Remembering strong passwords can be difficult. One trick to make this easier is memorizing a phrase where the first letter of each word is a letter in the password. For example, Bob Still Believes In Santa is a phrase you might use to remember the strong password above.
- Include a date – Anything found in public information, like a birthday or anniversary.
- Use a single word found in the dictionary in any language
- Use numbers alone
- Match any of these
If you struggle to remember or create strong passwords, using a password manager can help. These programs store your passwords in an encrypted list, and often can generate strong passwords for you.
But creating strong passwords alone is not enough. If they get into the wrong hands, they can still be used to access your valuable information. Thus, you should never:
- Leave passwords in plain view – This includes writing them on Post-it notes stuck to your monitor. And, saving them to a file on your computer. Again, a password manager can help you avoid doing either of these things.
- Reuse passwords – If you reuse a password and a hacker figures it out, they’ll have access to a lot of vital information. Not just what’s in a single account.
Also, using your company email and password to log into third-party sites is dangerous. If the website is ever hacked, your business login credentials could be compromised.
Cyber Safety Tip #5: Guard Data While on the Go
The threat to your company’s data does not end when it leaves your network. What to do:
- Be cautious with Wi-Fi hotspots – Don’t access sensitive information over unsecured Wi-Fi hotspots. One way to avoid this danger is to use a VPN. They help to create a secure connection even if the network itself is not a secure one.
- Double check spelling – When typing hotspot names or URLs, make sure you’re spelling them correctly. A typo with even one letter or number out of place could lead you to a malicious site. When hackers set up phishing sites they usually use a URL that is very close to the actual one.
- Encrypt mobile device storage – Mobile devices go missing every day. If the sensitive business information they hold isn’t encrypted, anyone can access it. It’s a best practice to use work folders to store company information on a mobile device. That way, everything’s neatly contained for easy removal, if the device disappears, or its owner leaves the company.
Want more Cyber safety tips? Watch “Cyber Safety101: Protecting Your Business from Cybercrime”, a webcast from Microsoft and the SBA.