Blog

Simple Security Tips for Small Businesses

philipp-katzenberger-iIJrUoeRoCQ-unsplash (1)

43% of all breaches occurred at small businesses – and this was before COVID.

The shift to working from home, although forced, puts an exponential amount of businesses at risk.

In honor of #NationalSmallBusinessWeek, here is a list of tips that you can implement to increase your chances of protection.

1. HTTPS vs. HTTP

It seems so simple – but that extra letter at the end makes the world of difference. In fact, Google won’t even consider putting your website in search rankings because they don’t want their users to be ‘at risk’.

To get the “s”, you’ll need to purchase an SSL certificate from your hosting provider. Once purchased, you select the domain you want to attach it to – and that’s it!

2. Wi-fi / Internet network security

Not all connectivity looks the same. Chances are, your at-home networks aren’t as secure as you think. Simple steps to increase your chance of protection:

    • Encrypt your wi-fi network so only trusted users can access (using a passcode and the WPA2/WPA3 Personal Security protocol)
    • Change the default settings – IP address & default login-password for the administrator
    • Turn off remote access related features (this means you won’t be able to access your router if you’re not home – but unless you know what you’re doing,  you shouldn’t need to do this anyways)
    • Update the router firmware
    • Log out properly

3. Leverage VPNs

If you’re going to be accessing any files from work servers use a VPN (Virtual Private Network) – this is a MUST.

There is a term called “wardriving” in the cybersecurity world. This means there are a handful of people who drive around and look for vulnerable Wi-Fi networks to hack. So be smart and use a VPN.

One caveat, make sure your computer is up-to-date with software, operating systems and antivirus software before you use the VPN to remote into your work servers.  If your computer is compromised with malware or ransomware and you VPN into your office network, you have just let the bad guys into the office too!

4. Managed Password Services

Storing your passwords in Chrome? We suggest you stop – immediately. If a hacker is able to get into your Chrome account, they are able to see all your passwords. A simple tip you can take is using a managed password service like LastPass, to keep your passwords secure.

BONUS: These password managers offer randomly generated passwords that can add another layer of security.

5. Multi-Factor Authentication

Multi-factor authentication means there are two steps to log in. For example, if you get a text message with a code to enter, you’ve now just completed two (multi) steps to log in.

If you’re a business owner, we suggest you enable the 2FA option for all employees in your most critical applications, like CRM and billing.

6. Update your apps

“That’s an app for that” – is a phrase we’re all too familiar with… and yes, apps are fun to help with productivity, but the more you have, the more at risk you could be. When apps send that notification to update – do it. Updates are often rolled out to fix any security issues that were exposed.

7. Turn off Default settings

This the simplest, most overlooked step in at-home security. With the recent Zoom security scandals, they’ve made strides in improving product-level security, but it serves as a reminder that ALWAYS turn-off any default settings.