Have you ever had to lock up the office for the night? Before you leave you probably take a lap around every room, making sure every window is sealed shut and every door is locked tight, only to get home and still wonder “…but what if I forgot one?” We check and check again to make sure our businesses are physically secure from intruders, so shouldn’t you be taking the same measures to secure your business online? Here, these business owners and cyber security professionals are sharing the measures they take to keep their businesses secure online.
Protecting Your Backups
One really important security step we take is protecting our backups. If your server is sending data to a backup server, then someone breaking into your primary server can simply find their way to that server and hack it too, destroying all your backups. What we do is have the backup server connect to the primary server to collect the data. This way, there’s no traceable route to the backup server, so backups are always safe.
Daniel Williams, CEO of Monsta Limited
Activating Double Authentication
The biggest thing we are doing to protect our business is activating double authentication for all the software and services we use as a company including email. This means that in addition to having our login, a hacker would also have to have access to the employee’s cell phone in order to get into our accounts. This significantly reduces the possibility of a password-related security breach.
David Waring, Co-Founder of Fit Small Business
Utilizing a Firewall
Most websites nowadays are created in WordPress. This is a fantastic platform but it does have a standard link to login to the back-end. Protect yourself by adding the free Wordfence Plugin to your site. This will allow you to get alerts when somebody is trying to hack into your website. It will also help you block specific IP addresses and check for viruses.
Jeff Nevarez, Owner of TechXperts.guru
Securing With Encryption
Data on the move should be “encrypted in transit” – this means using HTTPS/SSL for your website and web applications, as well as connections between database servers. Encryption at rest – data on persistent storage (such as server disks, server backups, database backups, etc.) are all to be encrypted where possible. Lastly, personal data and private data (consumer names, phone numbers, and email addresses, in addition to the traditional items such as credit card numbers) is often the target of a breach attempt should be protected with encryption as well – perhaps as a database column encryption.
Tim Platt, VP IT Business Services at Virtual Operations LLC
Embracing the Cloud
We are fully embracing the Cloud — through several Cloud providers — in order to secure our online business. Our infrastructure would require that an attacker hacks all of our Cloud providers in order to obtain any valuable information on our clients. In other words, we have opted for a decentralized Cloud approach as part of our cyber security protocol.
Jonathan Rodriguez, President and Chief Executive Officer at BitMar Networks
Reducing File Shares
A less obvious thing that we do as a business is using Google drive for our files. While not specifically done for security reasons, the fact that we are sending links to Google Docs to each other instead of emailing around file attachments reduces the risk that someone inadvertently opens a malicious file.
David Waring, Co-Founder of Fit Small Business
Educating Your Staff
When protecting a business online, it is important to remember that there are no silver bullets and nothing can be done to mitigate the risks down to zero. That said, technical controls that secure endpoints against common attacks, and properly configured firewalls, are a good starting point, though not enough by themselves.
Given that humans tend to be the weakest link in any security setup, a robust set of policies should be in place which clearly lay out the “rules” of the organization, detailing its stance on topics from information security to bring your own device and network security through to acceptable use.
Lastly, the people themselves need a certain degree of awareness training so that they don’t fall for the most basic types of attack, such as phishing, CEO fraud, and malware attached to emails.
Lee Munson, Security Researcher at Comparitech
Is It Time to Secure Your Business Online?
Simply put, YES! If you have yet to secure your business online, you’re already putting yourself, your employees, and your company at risk for cyber attacks. Creative Click Media offers outstanding security and maintenance packages to help keep your business safe and running smoothly. Contact us today to find the cyber security and maintenance package that’s right for your business.
