Protecting your small business, customer data in a mobile world

You have been working hard to build your small business online, and you’re making some good money for online leads now. Great, right? Well, do you know who else is working hard to make money online? Hackers!

How can you work to protect the money you make, and transfer, online from hackers, and keep your small business successful? It can be cheaper than you think; you don’t need your own IT team to start. Read on for some practical tips that cover encryption, storage, and access for 21st Century digital practices for small businesses.

Protect the money your small business makes online

You can’t just assume that everything is ok online, numerous hacks happen every month to businesses of all sizes, Heartbleed showed us that the basic security of the web has flaws, and you don’t want to be the next headline. Start implementing what you learn here and you’ll be well known for your products and services, not the data and money you lost due to negligent digital practices.

You will never know everything about online security - trust specialists

With the increasing complexity of online security, your business needs to hire on and work with specialists. I’m not talking about hiring your own IT team, this will mostly consist of hiring on specialist third parties to handle your customer history records, and bank/credit card information.

If you’re hiring on a team to do this, and then storing this information again yourself in some way, you’re doubling the points of entry for hackers (from one to two), leaving you more vulnerable. You need to trust the third parties you hire on and not create more problems with your own back ups.

For data storage needs that you do have, be sure to store this information on devices that you do not connect to the Internet. You should also read the device encryption section below.

Encrypt all data that you store about your business

To continue the point above, there are all kinds of data points that you may have to store yourself. This can include confidential data about your company that you don’t want to trust to anyone else. You can store this data on: Portable external drives, USBs, tablets, smartphones, desktops and laptops.

All of the above listed data storage devices have some ability to encrypt what is stored on it. If your business isn’t doing this, you may as well rob your customers yourself, as you’re being negligent in how exposed they are to hacking.

Fortunately, some of the biggest operating systems offer full disk, or partial disk, encryption. Follow these links to learn about encrypting Mac OS, Microsoft Windows, and Linux systems. You don’t have to pay anything; these features are already included in your OS.

Use a VPN to remotely access data

As the world becomes increasingly mobile, the importance of encrypted access rises. What was once a niche product for businesses that had remote employees is now a near necessity for anyone who operates a business.

The first VPNs were corporately owned and set up, but the arrival of commercial VPNs has given every business the chance to have this extra layer of encryption and protection. Prices vary from around $4 - $10/month depending on the features. Is the protection of your money worth $60/year? I’d give that an emphatic ‘YES.’ Take a look around our Top 10 VPN providers for more on which could work for your business.

Use a password manager

Passwords are still the most basic security feature of the Internet. Password managers help you create and recall many unique passwords.

Here’s how it works: 1) Allows you to use different passwords for everything you sign into online. 2) Creates strong passwords. 3) Enters those passwords automatically. 4) You use one master password to sign in to the account of the password manager - the only one you have to remember. 5) The most common way that businesses lose data and money online is because they use poor passwords. If you’re the type of person who uses ‘password,’ or ‘letmein’ as their password, you need to give your head a shake - your customers deserve better protection

Always use two step authentication

Two-step authentication connects something you know, your password, to something you own, your smartphone. These connections offer better protection for your business as hackers could steal your password, but they won’t have your phone.

How two-step authentication works is by allowing you to sign in with your password as normal, and then sending a code to your smartphone via SMS. It can also send to your email, depending on the provider. This code must be entered before you can enter into the account.

Where this will apply to businesses is on their accounts for: Amazon
PayPal, eBay, GoDaddy, WordPress and Evernote.

If your business uses these in any way, to store any kind of data about your transactions or customers, you need to enable their two-step authentication. Check out this list of sites that have two factor authentication to see if another account you use can have it implemented.

Protecting your small business online doesn’t have to be complicated

The points looked at above, if you break them down into steps, aren’t so intimidating: 1) Trust your specialists and don’t double store customer data. 2) Encrypt your stored data using the tools already on your device. 3) Use a VPN to have secure communication and remote access. 4) Store many unique passwords in a password manager. 5) Turn on two factor authentication on as many accounts as you can. 6) The business of hacking is becoming bigger all the time because some companies neglect some, or even all, of the points above. Don’t leave your company vulnerable, and don’t expose your customer’s data - take action today.

To break down the cost of the above points: 1) Trusting the specialists you’ve already hired doesn’t cost you anything additional. 2) Encrypting your data costs nothing as the tools are already on your devices. 3) A VPN can cost around $4 - $10/month. 4) Password managers are commonly free of charge. 5) Two factor authentication is a free service. 6) Add all of that up and how much does increased online security really cost your business over a year? A lot less than even the most minor hack will, I guarantee you that!

OSM thanks Marcus for this guest article. He is the online security writer for the Online Security blog. You can find him writing and ranting there every Wednesday about the latest developments in the online security world. You can also follow the Best VPN Provider Twitter account to stay up to date all the time!

Protecting your small business, customer data in a mobile world