CyberPolicy is monitoring news of the coronavirus (COVID-19) outbreak and has activated a business continuity plan in response to the situation. We have implemented precautionary and preparedness measures to reduce exposure to the coronavirus and are prepared to maintain normal business operations.
X

Lock It Down! Cybersecurity Basics for Small Businesses

“Cyber security” is a buzzword that’s been floating around for the last couple of years. Buzzword or no, being hacked is a very real and present danger in an increasingly globalized and connected world. Nowhere are threats to cyber security more present than in the small business sector where more than 60 percent of all cyber attacks occur.

As if running a business weren’t enough of a challenge- what with making the rent, paying your staff (and yourself if you’re lucky), and keeping your customers happy; now you need to become a cyber security expert on top of it all.





As it turns out, the basics of cyber security are actually pretty basic. It doesn’t take long to lock down your passwords and your email account, and you don’t have to be a Genius Bar expert to do it.

Cyber security basics: You and the Internet

Everyone, small business owners included, have a lot at stake when it comes to their finances—and especially their identity. Small business owners often have their business finances linked in some way to their own, so a hack can often mean a criminal has access to both your business and personal finances or identity.

Let’s go over some basics that go a long way in protecting you against cyber threats.

Secure your browser

The temptation is to default to using whatever browser came with your computer—whether that’s Chrome, Firefox, Safari, or Internet Explorer. They're are all easy to use, but their main job is really to sell stuff like your data and browsing history to third-party companies, especially those that sell advertising. That leaves you vulnerable to security breaches from ads and tracking software. Even if you aren’t worried about your personal computer or your phone, protecting your business’s digital records makes sense.

If you are a diehard Chrome, Firefox, or Safari user and you want to stick with it but want extra security, consider using plugins, which let you customize your browsing experience.

I have two favorites. The first one is HTTPS Everywhere, which is available for Chrome, and Firefox. It takes un-secure web addresses (those that start with HTTP) and makes them secure by changing them to HTTPS. HTTP stands for “hypertext transfer protocol” and defines how information is transmitted and received over the web. The 'S' on the end means that information is being transmitted via Secure HTTP (S-HTTP) or Secure Sockets Layer (SSL), which encrypt information passed between a client (browser) and a server (web site).

My second favorite is Adblock Plus, which works on Chrome, Firefox, and Safari, and blocks most ads from appearing in your searches, blocks annoying pop-ups, and reduces the risk that you’ll click on spam.

Add-ons are great for customizing your browser experience and adding layers of security. But you can go a step further and use a browser specifically built with security and privacy in mind. Opera is perhaps the most popular and highly-rated of the new crop of security conscious browsers. Another browser that keeps making the top ten lists is Epic Browser and the best part is - it’s free.

Opera and Epic are all about keeping your data private and delivering a secure browser experience that functions similarly to way your default browser functions with security add-ons like Ghostery, Adblock Plus, and others. Either is a great browser to use if you have multiple people accessing your business computer(s) and want to ensure that they aren’t inadvertently putting your security at risk.

Secure your passwords

Most people either have a ton of different passwords, which are a nightmare to keep track of, or they use the same password for everything, which is like having one key that opens your car, your home, your safe, your diary, and your mailbox. The risk is obvious—lose that one key and all of those things become vulnerable.

So, if you’re not already, use unique passwords for each online account you have! Is it a pain to track of all those passwords? It doesn't have to be.

Try using an online password manager, my favorite being LastPass. LastPass allows you to organize all your online passwords under one “super” password, meaning you only ever have to remember that one password. You can use their services, via a browser extension or by going to their site, to login to any site for which you’ve saved a password. It’s free for individual use, but if you run a business, you can upgrade and set up accounts for each member of your staff.

Secure your email

Your email account is the front line of defense when it comes to protecting your privacy and security. That’s partly because it’s where a lot of personal details live, making it a prime target for cyber threats. Securing your email is all about awareness.

The folks over at software security company Heimdal Security have great articles on their blog for tips on increasing internet security. When it comes to making your email more secure, they have a great how-to on securing email accounts if you’re using one of the bigger email servers like Gmail, Yahoo, and Outlook. Although I recommend reading their piece for more details, we’ll keep it simple here and focus on the two biggest dangers related to your email account: password security and spam.

Password Security

Setting up protection for your email account is actually really simple through 2-step verification. Two-step verification works pretty much like it sounds: when you login to your email account, you'll be asked to provide a second verification (in addition to your password). The most common, is SMS verification. If you were going to your Gmail, for example, you would put in your email and password, then Gmail would send a text to your phone with a unique six-digit code. You’d need to enter that code into Gmail in order to proceed to your account. Here’s how to set up two-step verification for Gmail.

Spam

With threats like spam, malware, and phishing, it can be difficult to tell what’s real and what’s a scam when it comes to emails. Avoiding them is trickier than setting up two-step verification. You might, for example, get an email from what looks like a financial institution with whom you have an account, or even an e-card from a friend—but these can turn out to scams designed to trick you into providing your bank account numbers and passwords, or to open an email that will automatically download malware that will infect your computer.

The best way to guard against these types of spam scams is to follow the old adage from my high school Home-Ec class: “When in doubt, throw it out.” Just like that week-old Thai food in the fridge, if an email seems like it could be dodgy, don’t take the risk. If you’re in any doubt about the legitimacy of the sender, delete the email before opening it.

If you’re worried that an email actually is from your bank, then get on the phone or go to your branch and inquire directly with a bank representative as to the email’s authenticity. As a rule: no one legitimate is going to ask you for personal or private information over an email, including account and Social Security numbers. In fact, a legitimate organization like your bank will usually tell you never to provide sensitive information via email.

Caveats

Remember nothing is 100% secure; we just don’t know how vulnerable a system is until the hackers have given it a run for its money. That includes HTTPS sites, which do not guarantee absolute security. If you’re sending money or sensitive information over the web, make double-sure it’s going to a reputable entity, and that you’re on that entity’s actual website, rather than a look-like site. And, remember, you’re only as safe as the company you keep. If you spend time hanging around on unsecure, spammy sites, you’re more likely to find malware.

A robust cybersecurity plan should involve education, anti-virus software, and small business insurance that includes a cyber insurance policy. Visit Coverhound today to compare rates online and find the right policy to meet your needs.



This article originally comes from our friends at TownSquared. TownSquared is an online community for local businesses. It allows you to connect with other businesses in your area and receive instant notifications from your community around topics like: Marketing Tips, Local Partnerships, Hiring, Finance, and more!

© 2010 - 2021 CoverHound, Inc. All rights reserved. CoverHound© is a trademark of CoverHound, Inc. DBA: CyberPolicy Insurance Solutions - CA License No. 0L13180. DBA: CoverHound Insurance Solutions - CA License No. 0H52375