The confronting truth is that any one of us could be the target of hacking: as individuals, as small to medium businesses owners and even multi-national corporations.
There have been a number of high-profile cases including Equifax, Yahoo and Target, as well as Kmart and Slack in Australia. SMEs are certainly not exempt from the risk of hacking.
In fact, the internet security company McAfee has highlighted in a study that SMEs were operating under a false sense of confidence about their exposure to cyber-attacks. SMEs with fewer than 100 employees are actually more vulnerable to hacking because their defences are often not as strong as larger businesses.
Not only are business owners faced with the cost of re-building their website and other online presences – they are also hit by the loss of revenue and the harm to their reputation which follow website downtime after a hacking incident. That’s not to mention the possibility of sensitive data or customer information being stolen and misused.
The good news is that there are steps you can take to reduce the risk of hacking and damage to your business.
1. Be wary of emails
Email scams have become a lot more sophisticated. Forget about the days when you received a message from a so-called Prince who just needs you to wire him $2000 so he can access his millions and share them with you. ‘Phishing’ attacks use emails that appear to be from a bank, a software provider or any number of legitimate businesses and organisations, but are designed to trick you into giving out information like usernames, passwords or credit card details. They often use the logos and style of a well-known company and create a sense of urgency and panic by claiming your security needs to be updated. But if you check the senders’ details you might find they don’t match those of the real company, although it might be close. Legitimate businesses will not ask you to update or verify your details in this way. Unless you’re 100% sure the message is genuine, don’t click on any links, or open any attachments.
2. Strengthen your passwords
We’ve all experienced the frustration of forgetting a password, but old favourites like ‘password123’ simply aren’t strong enough to protect you and your business from hackers. A strong password uses upper and lower case letters, numbers and punctuation marks. They shouldn’t be based on personal information or stored in a saved file. Ideally, it’s best to have different passwords for your own system and for all your online accounts to reduce the risk of hackers being able to access everything with the same password if one account is compromised. It’s also advisable to change your passwords often, especially for high-risk accounts like online banking. Of course, it’s not easy to think of, let alone remember, dozens of unique passwords, but you can use a password manager. There are a variety of third-party software programs that will create and store passwords for you.
3. Consider two-factor authentication
Another tactic for minimising the risk of hacking and data breaches is to look for providers who offer two-factor identification for your account with them. This means that your account is protected not only by a password, but also by a secondary security measure: usually a one-use code sent to your mobile phone. Bringing in an extra device means hackers can’t access your account with the password alone. Another type of two-factor authentication offered by some providers, and which could be used for your own internal IT systems, is a physical security key. This needs to be inserted into the computer’s USB port to gain access, which again means that hackers would not be able to compromise your system with the password alone.
If you want to ensure you’re fully covered against hackers, ask us about our security audit package. Contact us to find out how we can help protect you.
If you liked this article, share it with your friends on Facebook, on Twitter @mspblueshift and on LinkedIn! Call us at 1300 501 677 for an IT Health Check today!