IT Support | How to Safeguard your SMB Data
What if this happened to you … a hacker cracked your password and gained access to all of your customer data, or … an online virus attacked your system and caused you to lose all of your invoices. What would you lose in these situations?
- Productivity, because the data would have to be re-entered.
- Your reputation, if the hacker gained access to your email or used your customer data and it is tracked back to your website (or your website is suspected).
- Business, you would not have as much time to pursue customers while you repair your system, and you may have lost significantly in word-of-mouth referrals.
For small to medium-sized businesses, the threat is very real. Not only might a stranger decide to target your business with the assumption that your system will not be secure, you may also face animosity from your vendors and clients. These days, it is vital to your business to safeguard your business data.
If you are not already backing up your data, you should implement a policy and procedure for this task immediately. Many operating systems have backup applications that you can utilize, but does not offer redundant storage. In addition to local computer backups, an external hard-drive or third-party company will allow you to store backed up data offsite in another physical location. This is considered best practice in case of fire, theft or natural disaster.
Data backups should be automatic and simple. Here are a few recommendations:
- Backup your data on a daily to weekly basis.
- Verify your backups periodically—make sure that you can access the information and that the system is working as expected.
- Set up a system in which you can backup information quickly when needed. Always backup data after adding important documents such as invoices or customer financial data.
Fortify Your Passwords
Make sure to use passwords that are not easy to guess. For instance, many people are still using passwords like ‘abc123’ or ‘password123’. Not a good idea. Also, use different passwords for your personal or social online activity and your work or banking activities. You may have simple information which is not necessarily guess-able, but which you include on a social website. That too comprises your security.
A good password should be long, have upper and lowercase letters as well as numbers or special characters. Another good tip is to create a sentence for a password. For example, I want 1 goldfish and 3 tetras could be a good password written together. If it is too long for some sites, you could abbreviate it to IW1Gfa3Ts.
Encrypt Mobile Data
If you carry important information on a mobile device or laptop, protect yourself by encrypting it. Mobile technologies can be easy targets for pick-pocketers or those who happen upon misplaced phones, tablets or laptops. Devices are not only taken, they can be sold to the people who know how to make use of them, including selling or using the information and data they contain.
Encryption is a method where data is scrambled and can only be read by the person with the encryption key. By encrypting your mobile information, you protect your business from ongoing and disabling effects resulting from theft or loss of a device.
Protect Your Business
If you run a successful small or medium-sized business, you put a lot of work into it. You maintain your vendors and clients carefully and manage to create profit whether the economy is predictable or challenging. Do not ignore the fact that hackers are lurking—they are out there. On the local scene, they sometimes go after you for personal reasons. On a global level, hackers are seeking out computer networks to hack into 24 hours a day, 365 days a year. Make sure your data is safe. Take advantage of the simple, convenient tools that are now available for backup storage, and be careful as you engage online both socially and in business.
This post was sent by Joe Schembri who has over 10 years of IT experience including IT security. He currently works for University Alliance and some of their partner universities cyber security training courses. Some of the courses help train for industry certifications such as the CISSP certification exam.