Business accounts can be hacked just as easily as personal accounts. Imagine all your hard work being held at ransom by a hacker or your data falling into the hands of someone who can sell it to the competition. You need to secure your business as best you can, and here are three crucial tips to get started.
1. Don’t let everyone see everything
Access to information is critical for any business. The right people need access to your records, client files, financials and everything else you need to run your company. But not everyone needs to see everything. Does the new guy need to see the accounts receivable file? Nope.
If you keep files in a cloud storage system, regularly check who has access to what. Restrict files on a need-to-know basis.
The same goes for software. You don’t want your employees accessing more than they should.
2. Do a password check
We’ve warned you about using the same login credentials for multiple accounts. This is important for your personal accounts — and even more so for your business.
If you use the same credentials for multiple accounts, a bad actor needs only to crack one password, and they’ll have access to everything. And you could be in BIG trouble if one of your accounts is breached.
There are a few essential password tips to keep your accounts secure:
- A password manager stores and generates login information for all your devices and accounts. These programs can be installed as software or accessed through a website, browser extension or the cloud.
- Avoid using a common word as the basis of a password. Go bigger and use a sentence. But don’t just write out a sentence; change it to make it harder to crack. For example, take the phrase “Cubs won the World Series in 2016” and abbreviate it to “cwtwsi2016.” Substitute some characters and cases, and you’ll have “cwTw$i2016.”
- For even more security, go with a full passphrase. In this example, you can use cUb$W1nW0rLd$3r13$1NzOI6. Now that’d be tough to crack! It’s also challenging to remember, so don’t go more complicated than you can keep track of.
As a general rule, we recommend at least 4 to 14 characters long. Use a combination of uppercase letters, lowercase letters, numbers, and symbols. Do not use a word that can be found in the dictionary or the name of a person, character, product, or organization.
3. Teach employees how to spot phishing attempts
Scammers need only get to one of your employees to cause severe damage to your business. Personal information, such as login credentials, can be found if they get into an employee’s inbox. Just think about all the critical documents in their inbox or sent mail.
Educate your employees on how to spot and avoid falling victim to phishing attempts. Here are some tips:
- Never give out personal information if you don’t know the sender of a text or email or can’t verify their identity. Criminals only need your name, email address and telephone number to rip you off.
- Carefully check that emails come from the usual email address of your contact. Look at the email address itself and not just the sender’s name.
- Pay close attention to the URLs in any emails or text messages. Check for slight changes in the letters, any misspellings or suspicious characters.
- Don’t click on links and attachments that you receive in unsolicited emails. In fact, don’t click on any link that raises suspicions, no matter who you think it came from.
- Advise employees to pick up the phone and call their coworkers to see if it was actually them who asked for important documents or information through email or text before replying to the message.
- Enable two-factor authentication (2FA) for all your online accounts that offer it. This will make it more difficult for hackers to access your accounts. Tap or click here to learn the benefits of 2FA.
We are here to help. Call or email us today. Don’t leave your valuable information to chance, it can prove to be very costly. Get in touch with us now.