The internet is both a beautiful and dangerous thing. On one hand, it has allowed the world to be connected on an absolutely unprecedented level. On the other hand, that type of connection alongside the negative nature of some people, has presented more potential security problems than one could possibly think up. It really is a double-edged sword that has become a necessity for many, especially for anyone working in business. However, just because something is a necessity does not mean everyone has an understanding of how to use it properly and safely. This is evident within the cybersecurity industry as numerous billion-dollar companies have fallen victim to some form of cyberattack. If some of the largest companies on earth are susceptible to a cyberattack, it stands to reason a small business may be even more susceptible. Richard Clarke, an author and cybersecurity expert, summed up the importance of being prepared for cybersecurity issues, “If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”
In order to help you better understand how to be more involved and intentional about cybersecurity, we spoke with a few people who have experience doing just that.
Two-factor authentication
Karl Hughes is the CEO of Draft.Dev, a brand offering software to aid startups with their technical marketing. He suggests implementing an industry standard security policy.
“A good password is one thing, but having two-factor authentication is entirely different. To put it simply, this security measure ensures the person entering the password is actually the account owner. How is this done? Generally, after the password is entered correctly, the user will be notified that an email or text was sent to them containing a passphrase or set of numbers only available in that one instance of communication. Without that information, no one will be able to access that account. It doesn’t matter if it’s a computer login or important financial details, everyone in your company should be using two-factor authentication.”
Think about mobile
The reality of technology is that mobile devices are vastly different from a traditional computer. TakeUs! is a business providing soon-to-be-released NFT products. Their CMO, Loic Claveau, advises others to take this into account within their cybersecurity plans.
“The fact that desktop computers and most laptops don’t leave the business premises is one of the larger security advantages with these types of devices. Why? The security risk for these devices is much lower as accessing the physical office throws a series of hurdles in front of anyone who desires to do so. Mobile devices bring much more risk to the table because they’re constantly on the move. With private corporate data available on these devices, every company should take all precautions necessary to prevent this information from being accessed even if the mobile device goes missing.”
Software management
OSDB specializes in unique sports content and statistics. Their Co-Founder and CEO, Ryan Royyman, considers it essential for small businesses to stay current with the latest versions of any and all apps and computer programs used.
“It would be a huge mistake for a company to purchase software only to never update it. Not only would it hamper productivity across the board, it would leave them far more open to a cybersecurity issue. It’s not hard to set up automatic updates for most software at this point. If you or your team are having difficulties doing so due to the overwhelming number of applications requiring some level of attention, you can look to software that manages your software for you. It may sound a tad excessive but, generally, there comes a time when moving in this direction is needed.”
Old data management
Rob Bartlett is the CEO of WTFast, a brand offering a virtual private network for people who are playing online video games. He cautions others to be wary about how they dispose of pieces of technology which are no longer in use and yet still contain sensitive information.
“There are endless examples of businesses who don’t take care to manage their old data properly and it comes back to haunt them. I truly can’t blame them as it’s not the first thing that comes to mind when I think of cybersecurity. But, there are people out there who would get their hands on an old harddrive or smartphone which still holds old company data. There are options for how to go about doing this but really, so long as the data on those old devices is no longer accessible to a user or hacker, you’re good to go.”
Password measures
There is no easier way for a malicious user to accomplish their end goal than for them to discover a password. AdQuick is a business providing simplified out-of-home marketing. Their VP of Marketing, Lina Miranda, proposes taking steps to make sure this doesn’t happen.
“There’s two ways you can go about shoring up the state of your passwords company-wide. First, is to create a policy which demands that certain criteria be met by the person choosing or changing their password. I’m talking about all those cliche password password guidelines we all know: eight or more characters, upper and lowercase letters, and special characters. We know these guidelines so well because they work. Second, is the password management system. Essentially, it is a program running on your computer that creates and keeps track of incredibly complex passwords which are next to impossible to guess. Either way, measures to uphold password security are vital for small businesses.”
Backups
Y Meadows specializes in customer service software. Their Marketing Director, Brandon Lurie, believes exceptional thoughtfulness and expertise is required when handling data safety.
“Anyone running a business which doesn’t keep regular and secure backups is asking for trouble. There’s no way of knowing whether a system will fail entirely or if some unforeseen circumstance causes the loss or destruction of critical information. In some cases, the loss of this information could be much more than just trouble. This is why I implore anyone responsible for backing up data to do it in a way which covers any possible negative outcome. Obviously, you never want to use these backups, but if you do, you’ll be grateful they exist.”
Employee education
Patricio Paucar is the Co-Founder and Chief Customer Officer of Navi, a brand offering the ability to compare and contrast mobile phone plans. He advises those in charge to make it a priority to properly inform employees on how to steer clear of online scams.
“Employees getting phished at work seems to be an unstoppable force and it’s capable of wreaking havoc on the digital internals of a business. But, if you said that word to a group of employees, I can almost guarantee more than one will have no clue what you’re referring to. This is problematic on multiple levels primarily because how can someone avoid something if they don’t even know what it is? Unfortunately, the person in charge is the one responsible for educating employees on the details surrounding phishing. Ignoring the fact that phishing was one of the larger contributors to the total number of cyberattacks last year, and choosing not to educate employees, would be foolish.”
Anti-virus
The evolution of the internet paired with the cruel intentions of humans has led to the non-stop growth in anti-virus programs CloudForecast is a business providing Amazon management software. Their CEO and Co-Founder, Tony Chan, considers an anti-virus crucial to fighting back against a cyberattack.
“Let’s say you’re a soldier preparing to defend your city. Would you rather be behind a 40 foot wall or the Great Wall of China? I think the answer is pretty straightforward here. This is a word picture demonstrating the difference between built in virus protection and an antivirus program offered by a company specializing in cybersecurity. With how advanced every corner of internet technology seems to be, I think leaving the protection to the experts is the right decision for pretty much everyone.”
There is no shortage of tips and ideas for how to better protect a small business from a cybersecurity issue. Neuroscientist Abhijit Naskar, spoke to why a constant approach to cybersecurity is important, “No technology that’s connected to the Internet is unhackable.”