Here is the second part of our series on making sure that your business is safe, when working online. This is an on-going series. As the list grows, the advice will get more sophisticated. However, easy to understand, as everything is listed in small bite-sized chunks about Internet Security.
- Have an I.T technician.
Ideally, you need to have a member of staff, who’s duty it is to keep an eye on all your hardware and software needs. Printers, Laptops, P.Cs, scanners – everything. They all need driver updates, virus software, and they all break down – normally when a project deadline has arrived. If your company isn’t big enough to justify an I.T Techies salary, then at least have the same contractors /individuals work on your machines over the years. Every network has its own quirks. Jumping from I.T company to different I.T company, looking for the cheapest price, usually ends up being more expensive in the long run. Every I.T firm loves to announce that the previous I.T firm did everything wrong. Find a good company – and stick to them. Over time, they will get a holistic view of your company’s and staff’s needs.
An I.T technician is up-to-date with the latest vulnerabilities, and current affairs, with regards to Internet Security.
2. Strong Passwords
We all know that we should change our password regularly. But we need to up our game. Things like ‘company name’, or ‘husband’s birthdate’ as a password, may seem hard to guess to us users. However, together with access to our social media profiles and a simple process of trial and error carried out with persistence by the hacker can and will crack this password. If we try a little harder, then “W3n33dL0V£” may seem acceptably safe to us humans. Unfortunately, a simple algorithm will make light work of this as well.
What is worse, is that we usually have the same password for all our accounts. And the hackers know this. In the space of a few short hours, the nasty hacker can do massive damage with your whole online world.
A good password, something like this; )*hgDTkhjifg%@ is what we need to create. Furthermore, we need a unique equivalent for each account. Even more frustrating, we need to change these passwords, roughly every 6 months.
Remember that this includes changing all Internet Security access points. When we say access points, we mean things like FTP / SFTP, WP-ADMIN, CPANEL (or any other administrator panel you use with your host) and MYSQL.
3. Backup your website.
A) You Lose All the Work You’ve Done
Building a brand-new website from scratch can take weeks. It can take months. Now imagine replicating your website with all the blogs posted, design customisations, security measures, market research, client information, product information, that you have accumulated over the years.
Ask yourself, how much time, energy, money and stress is it going to take to replicate all of this?
B) Loss of Site Revenue During Recovery
While you are busy working on recreating your site, you will be very, very aware of the lost revenue from your customers and clients.
C) Loss of Time During Site Rebuild
You should be focused on the day to day running of your business. But, how can you? You are frantically searching the net for web developers, or on the phone shouting at the hosting company. Your managers may have been relying on the back-end of your website to manage their staff and projects.
How do you back-up your site?
Basically, there are three groups of people you need to speak to. Firstly, your website developer. Have you given them the job of backing-up your work? Or have they assumed that you are doing it? Secondly, your hosting company. A lot of hosting companies now offer a back-up facility, as part of the service. But DO NOT ASSUME THIS! Third, if you do have an I.T techie working for you. Ask her/ him.
4. Two-factor authentication (2FA)
Basically, this means using two stages to login. Using just a password is only one step. Hackers are always buying and selling passwords on the black market. Or they successfully figure out what your password is.
If you have Two-factor authentication, you have basically added another lock for hackers to get through. This could be your fingerprint, or a text sent to your mobile phone with a code that needs to be entered, after the password. The hacker now needs to get your password AND your mobile phone or fingerprint.
5. Online Course
Every member of staff, including yourself as the business owner could be a weak link in the chain of Internet Security. The Government website has given an online training tutorial. The lessons learnt are applicable for both the workplace and home. If all loopholes both at home and work, by all members of staff, are covered, then your security net will be even tighter. The tutorial takes less than 10 minutes.
If you would like to see the first five points on our list of things to watch out for, then please read the first blog post.