By Tom Germain, CEO, Coder Scoop Inc.
CYBERSECURITY IS A serious concern for every business, both large and small. Unfortunately, most businesses do little to nothing to protect themselves from what could be a disaster to their reputation—and their bottom line.
But with just a minimal investment of time, you can do a lot to keep the hackers at bay. What follows are 10 easy steps you can take to protect yourself and your data from an attack.
1. Avoid installing apps from little known sources. Contrary to popular belief, the big mobile platform companies do not thoroughly check apps uploaded to their stores for malicious code.
2. If you use WordPress or other free CMS platforms for your website, be wary of installing new plugins and themes, and even more so for those that haven’t been updated in a long time. Many are badly written, and hackers look for them.
3. Never enter any data in a form on a webpage with an URL that doesn’t start with https://. Any data you enter in an http:// webpage will traverse the internet in plain text.
4. If you must use public WiFi, make sure you do it using VPN software, which will encrypt all your data before it reaches the WiFi router. Many WiFi routers are set up to use no encryption schemes of their own, and anybody can intercept traffic travelling over the air.
5. Treat links—particularly file attachments inside emails—with extreme prejudice. Emails are very easy to forge, and can even have been sent using a hacked email account. Typically, hackers use email links and attachments to spread viruses. Always run your cursor over links to see if they link to the real site it claims to be from.
6. Avoid visiting little-known websites, even if you’re linking via major search engines. They are the most likely sites to be spreading malware, thanks to the neglect of the publishers.
7. Keep all your software up to date, on all your devices and servers. If there’s an option to automatically update your operating system or software packages, turn it on!
8. Don’t use the same password in more than one place. Hackers are smart, and if they steal your login in one place, they will try the same login elsewhere.
9. Never use easy-to-guess passwords. Instead, make them long and totally random, including special characters if possible. You should then keep all your passwords in a password storage app such as KeePassX, needing only one password to access all of them. (And make that password hard for others to guess, too, but easy for you to remember!)
10. Use two-factor authentication wherever it’s available. Instead of just a username and password, such schemes dramatically increase your protection by requiring you to pass through another challenge, such as entering a code sent via SMS to your phone.
Tom Germain is CEO of Coder Scoop Inc. and organizer of the monthly Digitally Secure Business Workshop at Innovation Works in London. Tom can be reached at firstname.lastname@example.org.