The freedom that the internet has given consumers and businesses is among one of the most important developments in our modern society. Among the changes, our free market has evolved to a mostly eCommerce market, and as a result, the barriers for entry for many niches are as low as ever. If you want to sell anything online, all you need is a well-coded web domain and you could be selling products in less than 24 hours.
However, because it’s so easy to establish a business on the internet, there is low-hanging fruit for those who want to compromise your data. Not enough people take cyber crime seriously, and there is a lack of education for small business owners. According to a recent study, 78 percent of organizations in the US have been the victims of some type of cybercrime in the last year. However, criminals aren’t attacking Fortune 500 companies with robust IT departments nearly as much as they are targeting mom-and-pop startups or local eCommerce sites. So we’ve included a handful of easy steps small businesses can take to improve their cybersecurity.
#1. Secure Your WiFi, Limit Access to Data
The importance of securing and protecting access to your company’s wireless internet cannot be overstated. If left unencrypted, anyone within close proximity can insert themselves onto your network, eavesdrop on communications, and obtain your important data (they can even hold important information ransom, stopping your business production).
However, a generic password isn’t enough: in a study by NordPass that evaluated a database containing nearly 300 million passwords, more than 50 percent were common or easy to remember passwords that can be easily cracked. That’s why many security platforms recommend two-factor authentication as an added layer of security.
Who you let into your network is as important as who you keep out. That’s why experts recommend keeping sensitive data behind an additional layer of security or limit them to an inner circle of trusted employees. After all, there is an entire sect of cybercrime that derives from ‘inside agents’ who knowingly or unintentionally leave important information susceptible to malicious hackers.
#2. Secure Socket Layers
Arguably the only thing more worrisome than your password being compromised is your financial information being compromised. That’s why it is imperative that your business incorporate a Secure Socket Layer (SSL) license if you take payment online. An SSL certificate gives your site that layer of protection by focusing encryption resources specifically towards checkout and payment pages where your customers will be providing sensitive financial information. Think of an SSL as an additional combination lock on your checkout pages. This is such an important component to eCommerce platforms, even search engines have prioritized it in how they rank websites for specific keywords. A secure site that has incorporated an SSL license gets preferential ranking, all other things equal.
#3. Preventative Software and Backup Offline
Even if you take precautions and safeguards like endpoint protection to keep your company and customer data secure, hackers can sometimes feel like they are several steps ahead. That’s why it’s always a good idea to have antivirus software on your server to keep an eye out. However, downloading free antivirus software off Google can sometimes do more harm than good, filling your computer with malware in an attempt to get you to pay to remove it, so be on the lookout.
Additionally, you should always have a backup plan. In this case, your backup plan should be to backup your data! If you can afford it, experts recommend storing your backup on an ‘air gap’ server. If you’re unfamiliar with the term, air gap just means that it is inaccessible via an online web connection, and therefore unhackable. For example, I have an external hard drive that contains important tax and health information if something were to happen to my personal computer, but because it physically sits in my safe I don’t have to worry about someone remotely hacking into it!
If you are a small business owner, more than likely your expertise is not in cybersecurity, but in running your business! So trying to implement your own cybersecurity measures can feel like a daunting task. However, the important thing to know is that if you take enough preventative steps, you can avoid being an easy target to cybercriminals. If you are worried that your site has been compromised, it’s imperative that you consult fellow experts in the field, because time can often be of the most importance when it comes to playing damage control.
About the Author: Amy works with Broken Web, a global collection of volunteers working together to make the world’s information safe and accessible for all.