If you run a small business, then you also have access to valuable data. That might be data about your own company’s financial circumstances – or perhaps even your own financial circumstances. It might mean the tax and salary details of your employees.
More likely, it could mean the credit or debit card details, phone numbers, email addresses, and physical addresses of your customers. You might not think of the data that your business stores as an asset, but hackers do – and they’ll do whatever they think is necessary to get their hands on it.
You might think that as a small to a medium-sized firm, you’re at less risk of hacking than a large company might be. That’s the wrong way to think about it. The biggest companies have enormously expensive protection that would take even the world’s most skilled hackers days, weeks, or months to penetrate – and that’s if they’re ever able to get access at all. Even then, it’s still not enough, as EasyJet just found out to its cost (and to the cost of nine million of its customers). A small or medium-sized company is much less likely to have expensive or sophisticated anti-hacking protection than a large company is, and so they make for much more realistic targets.
Hackers will always exist so long as we continue to store sensitive data on computers that can be accessed over the internet, so following that logic, we can assume that hackers will exist forever. They’ll always be trying to move a step ahead of anti-hacking software and hardware, while security companies attempt to keep up with them. If you do get attacked, it’s likely that the hackers aren’t even targeting you personally. To them, it’s like playing a slots. They’ll try to get a ‘win’ by breaking into your systems, and if they can’t, they’ll move on to the next entity on their list in the same way that an online slots player will spin again if they don’t win anything. Just as an online slots player only needs one good win to make the pasty fifty losing spins worthwhile, a hacker only needs to break into one network or computer to make the past fifty fruitless hours of trying worthwhile. Here are a few tips that can help you to ensure that your systems aren’t the ones that a hacker gets lucky with.
Use better passwords
We can repeat this advice until we’re blue in the face, and yet there are still millions of people out there who don’t pay attention to it. Even here and now, in the year 2020 and two decades into the internet age, the world’s most commonly used password is still ‘123456.’ The next most common password after that is ‘password.’ if you’re still using either of those passwords, you might as well post an advert on a public forum and ask for someone to come and hack you. Every single password you use on any server, or to guard any data you care about, should be made up of at least three words connected together. It should feature upper and lowercase letters. It should feature special symbols. We all know this, and it’s time we started putting it into practice. If you struggle to come up with good passwords, use a password generator.
Cover all webcams
You might need webcams for video calls or conferences every so often. That’s the only reason we don’t suggest disabling them completely. When they’re not in use, though, cover them with a piece of tape. Webcams are the most commonly-hacked aspect of any laptop or desktop computer, and when someone has control of them, they can see what you’re doing at all times. They know when you enter and leave your office. They might even be able to see important documents, or where you store your valuables. They can’t do any of these things if the webcam is covered. Use a piece of dark tape, and keep the camera covered until you need it. When you’re done, put the tape back in place.
Manually update all software weekly
Yes, we know it’s annoying when your computer wants to update in the middle of you doing something important. It’s even more annoying when your server wants to do it. Ultimately, though, these updates are important. They often contain new security code or security features designed to safeguard your systems against the latest cyber risks. You need to make sure you get all of them. You could turn auto-updates on, but in doing so, you lose control over when the updates happen, and you run the risk of one or more computers ‘falling out of sequence’ if for any reason the update fails. Instead, make it either your business or the business of your IT staff to manually update everything once a week. That way, you have oversight of the process, and you can choose convenient times.
Dual factor authorization works
Your most sensitive data should be safeguarded with dual-factor authorization at all times. That’s the easiest way to make sure that you’re being as safe as you could possibly be with it. With dual-factor authorization, hackers can’t even get access to sensitive data even if they manage to acquire the correct username or password. They would also need access to a separate device – usually the phone handset of whoever’s responsible for the data – to complete the authorization process. Without that phone, they can’t get in. This also works as an ‘alert’ system; if someone tries to access your data without permission, then your data officer will be alerted when their device prompts them to complete the two-factor process.
Keep your eyes on your firewall
Your firewall is there to defend your data and your valuable files and to keep intruders out. Despite what people used to say about Microsoft and Windows, the firewall that comes with the latest version of Windows works well. It can, however, be deactivated. Some security updates require the temporary disablement of the firewall. It’s also possible that adding new hardware to an existing system might require the firewall to be briefly turned off, too. Your system should automatically turn the firewall back on at the earliest possible opportunity, but sometimes it doesn’t. This is always worth checking, and it should be part of somebody’s daily duties. If that firewall is down, anyone with basic computer skills can gain access to your data with a minimum of difficulty.
We’ve tried to keep this data hackers advice as jargon-free as possible, so we hope it was easy to understand, but go through it with your IT staff if you’re not sure of any of it. Implementing it shouldn’t require a significant amount of time from either you or your employees, but it could make the difference between being safe or having reason to be sorry when it comes to data protection from hackers.