Starting an online business has never been easier, all you need is a good idea and a website. Although it is easy to get a business set up, there are still many areas that you need to address as your company grows. It is reported that more than sixty per cent of small businesses have experienced a cyber attack in some form. Data (and the successful protection of it) is the key to any successful online business, so we have looked at a few of the most common threats and how you can prepare your business to be ready when the next cyber threat occurs.
Anti-Malware at the Company
Malware is malicious software that is designed to infiltrate, copy or disrupt your internal systems. Have a suitable anti-malware protocol that includes a secure firewall and PC protection. Choose a quality anti-malware product and have a system in place where you can identify specific threats and react to them quickly to reduce the chances of your internal servers and devices being affected. Delete all spam emails and unwanted correspondence to reduce the risk at the company further.
Restrict Access by Location
Many online companies now restrict access by location. A typical instance is on content websites such as YouTube or Netflix, where certain content can’t be accessed in specific regions. Online companies also use geo-restrictions as is the case for SkyCity Casino and Alternative Nation who restrict access to New Zealand only, for example. Online companies can do the same and still allow some visitors outside of the region who use a good Virtual Private Network to gain access. If your staff travel abroad to areas where access is restricted, let them know of a VPN service they can use, so they will still be able to use internal systems or their emails.
Control Devices Used at the Company
Many employees now use their mobile devices whenever they’re out of the office to write emails, access a CRM or other internal software. Initially, Blackberry devices were the only ones with a very secure connection. However, we can now roll out stand-alone software that allows personal devices to be used for work and still give you control over any device, and the added security needed for the company. Mobile security software will allow your IT team to monitor and make changes to what individuals can access when not in the office through administrator settings.
To protect your company website and email accounts, you should only use reliable web hosting services, and your web host should be PCI compliant to give you some peace of mind. For businesses that sell products or services online, you will need a very secure web hosting package that not only secures your company from hackers but also your client’s personal details and credit card information. Restrict access to your web hosting account to limit the chances of there being an internal breach of security.
The first line of defence for online companies is the passwords needed to gain access to the internal systems, whether that is hosting accounts, client data or employee email accounts. Put a plan in place with your IT team to change passwords regularly. All the passwords need to be complex, as simple phrases, such as names and dates of birth, are too easy for hackers to circumvent. Use a password generating tool that will give you long and complex passwords to reduce the chances of an opportunistic hacker breaking through.
The most successful online companies are driven by data, and this is where their real value is. Facebook, Google and YouTube are data-driven companies, and they take great lengths to ensure the data stays secure. The most straightforward procedure to ensure you never lose vital data is by backing up all your systems continually. Many companies have a secondary server where they can store all their back up data, and this will automatically be replaced by the next backup when it occurs.
Lead by Example
As a company owner or director, you need to show your staff the correct procedures and stick to them religiously. By being an advocate for security, you will be showing your team the importance of online security, and this will resonate with them and encourage them to follow your lead. Hold regular meetings with all the employees to consistently drill home the importance of a secure company, as when things aren’t talked about, they soon become less important, and this is when crucial security steps get overlooked.
Let your staff know what anti-virus software is best for their computer or devices and send out regular memos to update them when a specific piece of software is outdated. The number one reason for security leaks, whether deliberate or accidental, is through staff that work at the company. Have regular meetings to highlight any areas that need addressing where security is lacking and to keep them all up to date with the best practices. Encourage staff to change their passwords regularly for their business and personal devices, email, CRM or social media accounts. Try to get staff on board with security through constant discussions on the subject.
Although cyber threats are prevalent, most are thwarted through constant vigilance and proactive planning by businesses. Speak with your IT team or security expert at your company to make sure your business is adhering to the steps detailed above and have a plan in place should the unexpected happen.