Small business owners often have a tough job. As the face of the business you will be held largely accountable for anything your business does, or anything that happens to your business.
If there is a security breach of your systems and personal information is stolen, you will ask questions as to why. Therefore, it is in your best interest to take steps to protect personal information stored on your systems.
October is National Cyber Security Awareness month, making it the perfect time to take a look into ways you can make your business and systems more secure. One of the best places to start is to look at how your company stores and protects personal information. Here are five tips that can help you protect personal information in your company.
1. Change your passwords: One of the weakest links, in terms of security, is not the programs, networks or systems — it’s actually the passwords used to access these. You should ensure that your passwords are strong. At at the very least use a mixture of capital and lowercase letters, numbers and special
characters like ! or @. This makes passwords harder to crack. It is a good idea to change your passwords on a regular basis. You should change them at least once a year, but far preferable is to change every 90 days. This will minimize the chances of your password being hacked and likely increase overall security.
2. One password shouldn’t rule them all: The number of password protected systems and sites that we use on a daily basis is increasing and it can be tempting to have one or two passwords for all of these systems. This is not a good idea because if one password is compromised, a hacker could gain access to all of your systems and the personal information stored on them. The best solution is to have a unique password for each system and one that is as different as possible. Using a password manager like Dashline or LastPass might be worth looking into but be sure to use a separate password to access to this system as well.
3. Don’t keep everything: While passwords are a common way hackers can access systems, another popular way they get in is through malicious links in email, social media posts or online advertising. These links can be viruses and Trojans that install backdoors to systems, allowing hackers access to files and potentially sensitive information. In order to maximize security, you should look at every link and ensure it is legitimate before you click on it. The best way to do this is to look at the sender’s email address and ensure there are no spelling mistakes or weird characters. Look for any strange spelling, and if possible check there is https:// at the beginning of all links. This indicates that the page is legitimate. If a link seems even remotely suspicious, simply delete it.
4. Don’t react immediately: Communications, especially in online ads and emails, often urge you to click immediately. Pause for a moment, inspect the email or links and try to verify them. As a rule of thumb, if it sounds too good to be true, it is. Therefore, think first and don’t click the link.
5. Develop policies: In order to secure your systems and protect information stored within, develop a policy for all staff to follow. Be sure to look at how you plan to protect information, where it is stored and how it is stored, as well as who has access to it, how can it be accessed, and what happens when the policy is breached. How do mobile devices brought in by employees fit into the plan? Once you have developed a policy, communicating it to your employees and ensuring that they are all on the same page in following it is essential. We know it can be challenging to develop an effective policy, so why not contact us? We may be able to help not only secure your private information but also develop a sound policy that is workable.
David Spire, president and CEO of United Systems, holds multiple professional certifications, including Microsoft’s Small Business Specialist. He can be reached at 941.721.6423 or by email at email@example.com.