By Rajat Bhargava Posted November 30, 2015
-by Caroline Black
If you were opening up a shop, leaving your door unlocked overnight would be unthinkable, right? The digital security of your start up is just as important—maybe even more important. The Internet is more like the Wild West than a civilized street, and making sure you have the advantage over hackers can make or break your business.
Every business has information that should not be distributed, whether that’s credit card information, medical records, or just employee data. As a new business, your reputation is always on the line—one security mistake, and no one is likely to trust you with their information again.
How do you avoid fatal security mistakes when your business is on a budget? Let’s address some of the most effective ways to protect your business from hackers and other sources of data leaks. Many of them are completely free!
Be careful with usernames and passwords.
Start off by instructing your employees on what makes a username or password secure, and then helping them put this into practice. Passwords should be at least 12 characters long and include numbers, symbols and capital letters. Remind employees to change their passwords every three months or so.
Some services, such as Keepass and LastPass, will help your employees keep their accounts secure by generating strong passwords and keeping them recorded in a secure database. This will prevent often-overlooked data breaches, such as writing down passwords on sticky notes!
Get good protection against viruses, malware and spyware.
Install a reputable anti-virus, and update it regularly. This small investment is totally worth it and shouldn’t be more than tens of dollars per person to cover all your employees for a year.
Always use a firewall. A firewall is already activated on most computers, but that doesn’t mean you don’t have options. The basic Windows version is pretty reliable, but you can choose a different one or get a hardware firewall for added protection. Your anti-virus software may also come with one.
Make sure your WiFi is secure.
If anyone within range of your network can use it, you’re exposing yourself to a lot of risks.
If you haven’t already set up a password and encryption for your router, it’s not hard to do. Remember to take all the steps listed above for a secure set of login credentials. Use a complex string of characters, and change it every few months. WPA2 is the minimum recommended encryption, and should be available for any router manufactured since 2006. It’s recommended to backend this with RADIUS, or LDAP.
Use a VPN.
A Virtual Private Network (VPN) creates a secure tunnel between the source of data and its destination. It also encrypts that information, putting an added layer of security between your sensitive information and hackers.
If you want to make VPN use mandatory for your employees, you can install one directly on your router. This way, the possibility of human error is removed, and anybody who connects to your WiFi is automatically protected.
A subscription to a VPN service is not much more expensive than a month of Netflix. Some are entirely free, but those tend to have less protection for your information and are more likely to allow it to be leaked.
Encrypt your data.
You can encrypt anything—your hard drive, your email, your documents—and if you use a VPN, your entire Internet connection. Encrypting data, especially before you send it to others, can prevent any interlopers from accessing the information, even if they get a hold on it.
Keep access to information on a need-to-know basis.
Don’t allow anyone access to information that they don’t need. For example, rather than giving an employee the password to your Google account so that they can edit a document, give them permission to edit it via Google Drive, and revoke access once they’re done. Don’t allow everyone in the company to access and edit documents that they don’t need to complete their tasks.
This doesn’t mean that you don’t trust your employees! Eliminating the possibility of human error is a very important step in maintaining security.
To stay on top of information access, reassess every few months to make sure that no one has access to more sensitive information than they need.
Back up your data.
If the worst happens, it’s important to be prepared. Back up all your data regularly, either in the cloud or on hardware located outside your main office.
What affordable security solutions are you using for your business? What software do you trust the most? Please let us know in the comments!
About the Author:
Caroline Black is a professional blogger and Internet security expert writing on behalf of Secure Thoughts, a website that focuses on cybersecurity and security solutions. Her other main topics of interest include travel security and new technology.