Starting a business is rewarding, but it’s far from easy. You’re being pulled in a lot of directions, under pressure, moving fast, and probably tight on cash. Thinking about cybersecurity probably isn't what comes to mind as a first order of business—or budget. But it should be, and here are a few reasons why:
- A breach can be very damaging to your pride and joy – your business.
- Your investors, advisors, and customers will ask about your cybersecurity practices.
- Getting started doesn't have to cost you much of anything.
Inc. explains how half of cyberattacks target small businesses. Cybersecurity is coming front and center and there is no better time than now to start building your posture. Here are three simple things you can do today that won’t cost a penny:
1. Patch and Update
We’ve all been there – you’re on deadline, working like crazy, and you’re interrupted with an alert to update your computer or mobile device. It’s easy to click “ignore,” but updates are there for a reason. Many software updates, called “patches,” fix known secuirty vulnerabilities, and once they are released, cyberattackers can reverse engineer to locate the hole, then scan for devices that are not up to date. To keep your devices safe, set them to automatically update if you can. The same goes for applications you have installed on your device. If an update is released and you don’t have time to install it immediately, set a reminder to update during lunch or overnight.
2. Strong Passwords and Two-Factor Authentication
We're all using some degree of cloud-based solutions to run our businesses with some virtually running their whole business on a stack of these products and services. It's absolutely crucial to protect information with a couple of basic security measures:
- Strong Passwords: The passwords many people choose are not strong enough. The most commonly used password is 123456, trusted by almost 17% of users. Yikes! Long, complex passwords are the key to success. Many security pros recommend using passphrases such as song lyrics or sentences, including the spaces if the system allows, to keep it memorable and secure. And remember not to reuse passwords, no matter how complex. If a low-security website you once logged into is breached, hackers may have access to a lot more than you think. A good option to remember multiple passwords is to use a secure password keeper.
- Two Factor Authentication: 2FA is a great way to protect accounts in addition to a strong password. It's where, after entering your password, you need a code received by text message or in an app (e.g. Google Authenticator) before you can log in. Even if your password is stolen, it's very difficult—often impossible—for cybercriminals to access your accounts without the code. This feature is easy to turn on for most websites, usually found under account settings or privacy. When considering a web-based tool, make sure they have 2FA available to protect your information. Check TurnOn2FA.com or the security features of the software in question for more details.
3. Sending Sensitive Information
We use email to communicate just about everything, but the truth is that it’s not very secure. Kind of like a postcard, email can be easily intercepted, which poses a lot of risk when sending sensitive/confidential information. A few examples of sensitive content you might send via email include details about the investor offering, business plans, and information relating to IP. It's best practice to password protect any documents you wouldn’t want an attacker getting a hold of, then send the password to the recipient using a separate method such as a text message. Passwords add a layer of security to your email communications, and are easy and free to set up in many document formats. As your business grows, you'll want to consider using a secure email tool that blends seamlessly into your inbox to encrypt messages between you and your recipients.
A cyber incident can derail even the best of plans, so it’s important to take steps to protect your business. Of course, these tips are not just for startups—they are a great first step for businesses of all sizes and can even be used in your personal life.
Getting off the ground with cybersecurity doesn't have to break the bank, it can even be a key differentiator when touting your posture with customers, vendors and investors.
Get out there and start up...and stay up!
Your Friends @ Launch Security