1. Always start with a strong password
Passwords are the absolute staple of internet security. Make sure that your passwords are not only strong but that they are also updated regularly.
Here are a few tips to keep in mind to ensure a secure digital environment for your business:
Have a strong password policy in place, where passwords must be at least 8 characters long with a combination of letters and symbols.
Update passwords regularly. Set a reminder on your calendar to change them every 30-90 days.
Use different passwords for each account.
Always lock your devices when you’re finished with them or taking a break from them.
Use a password wherever you can, including computers, phones, accounts and WiFi.
2. Enable Two Factor Authentication (2FA)
Two Factor Authentication takes your security up a notch, whenever you log into your account. You may already be familiar with this, from websites such as MyGov, or your bank account.
To log in with Two Factor Authentication, you’ll need to use your password and you will also need to confirm a second authentication factor. This is usually a unique code sent to your phone or email address, or in some cases, you will be required to answer a secret question.
You should aim to use 2FA wherever you can – especially for your banking, social media and cloud services. To learn more about this, check out these how-to guides from the Australian Cyber Security Centre.
3. Back everything up!
Loss of data can occur from not just a security fault, but also from power loss, software or hardware malfunctions.
Back up your data regularly so you can regain your lost information and minimise your losses. If you’re backing up on a physical hard drive, ensure you keep the hard drive somewhere safe. If you’re backing up your data on the cloud, always do your research to make sure they’re a reputable cloud company! At Central Telecoms, we generally use OneDrive.
4. Prepare for the worst-case scenario
Make plans for the worst-case scenario ahead of time so you can be prepared, just in case. Keep them documented so you have a procedure to follow in the event of a data breach. Consider the following:
- Do you have the contact details of an IT company in the event that your computer becomes infected by a virus or other malware?
- Do you know how to restore information from a backup to your device(s)?
- Will you need to contact IT support to re-gain access to your accounts on cloud services and social media?
- If an employee is leaving the business, what should be done to ensure they can no longer access business systems or accounts?
5. Secure your website
Many small businesses use Content Management Systems (CMS) to manage their websites, such as WordPress or Joomla. Some of these platforms have loopholes and security flaws that can be breached by malicious entities. Consider the following to secure your website:
- Hide the login button on your website from the public. To log into your website, use the back-end admin portal.
- Use a custom username and password. The default usernames for most CMS’s are usually too common and are easier to exploit.
- Be careful of the add-ons and plugins you download, as not all of them are safe to use. Research the add-on or plugin before downloading it and make sure it’s from a reputable source.