Business Resource Center

Protecting Yourself Online

With cloud software providing the most common platform for small business software and communications, it’s critical to understand the related cyber security risks and to protect yourself, and your company, from sharing things with the wrong people and exposing your valuable company data to misuse.

An important first step is identifying, and helping employees understand, the risks associated with phishing email messages. These messages, which try to trick users into clicking links or attachments that install malicious software, account for around a quarter of all cyber attacks reported by small businesses. Phishing messages often appear as invoices or shipping notifications, making it difficult for untrained workers to spot the potential dangers.

Because your small business likely depends on a variety of cloud services, it’s important to protect those accounts with multi-factor authentication that adds a requirement to add a code that’s texted to a mobile device as well as a password. This adds important protection against your account being compromised if someone steals or guesses your password.

Other important steps you can take toward protecting yourself while still enjoying online activities include:

• Use anti-virus / anti-spyware software.
• Keep your internet browser up to date. Software updates frequently include security fixes, so the longer you take to update your software, the longer you are vulnerable to known threats. Enabling automatic updates can make this process simpler.
• Take passwords seriously. You keep important things like bank information or credit card numbers in accounts with passwords. So follow all of those things you hear: choose a mix of letters and special characters, resist making it easy to guess, and don’t use the same password for every online service.
• Those security questions you have to answer? Use fake information. Information like your mother’s maiden name is relatively easy to find out, so rather than using the real thing and risking someone resetting your password, choose a fake answer instead.
• If you’re accessing the internet on a public network, take extra care. Make sure your firewall is running. Make sure your e-mail program is using a secure connection. Visit secure sites (with https / a padlock icon) when possible.
• Download cautiously. A file may not be what it seems, so only download files from trusted sources and with known file types.
• If you upload photos to a social network, disable the automatic location feature. Location data can pinpoint users with unsettling accuracy.

Also, when you’re creating a profile on a social network or other website, don’t share these pieces of information:

• Home address
• Personal phone number
• Birthdate or place of birth
• Mother’s maiden name

This information can be a great starting place for an identity thief, so making them public is risky. Providing false information for these fields can help reduce the risk considerably.

You should explore where investing in cyber insurance is a good move for your business. The coverage is designed to provide funds to help your company operate in the short-term aftermath of a cyber breach or significant data loss. In addition, some policies include training and loss-control measures to help reduce the risk of a breach, or to mitigate the effects if a loss occurs.

By following these steps, you can give yourself a fighting chance against would-be thieves.