How to Outsmart the Hackers

(and keep your business accounts safe)

I recently had a client that called me in a panic. It was almost midnight, so I knew something was wrong.
 
Their Facebook had been hacked, then their account password and linked email account were changed.
 
They lost access to their business Facebook page. 
 
And then the credit card charges started rolling in. 😱
 
Uh oh.

Swift action

Upon hearing this news, I knew exactly what to do: I swiftly flagged the account with Facebook support, locked the credit card and started monitoring the page for unfavourable activity.
 
Then we got to work figuring out why this event had happened.
 
As I worked through this situation, helping to regain access to the business accounts, it got me thinking.
 
Internet security is hard. And, it is getting more and more difficult to keep your business accounts and data safe online.
 
When you’re a small business owner, you have to wear a million different hats and sometimes security just isn’t top of mind.
 

"A chain is only as strong as its weakest link"

Abi Gatling
 
While this is completely understandable, it’s important to keep in mind that “a chain is only as strong as its weakest link”, i.e. your data is as secure as your least secure team member.

If you and your team aren’t aware of the online dangers, and aren’t keeping security front of mind, it can be easy for things to slip through the cracks.

The results of data breaches can range from a small inconvenience through to significant financial loss, reputational damage, operational downtime, legal action and loss of sensitive data.

Yikes!

So how do you keep your business accounts safe from harm?

 

Here are my 5 top tips for creating a more secure environment for your business accounts:

 

1) Set up Two-Factor Authentication

The very first, and simplest, tip is to set up two-factor authentication (2FA) on all of your online accounts.

2FA is a system that requires two separate, distinct forms of identification in order to access your accounts.

That means that in addition to using a password, you also have another method to check your identity.

The second method (or factor) could be a code sent by text to your phone or by email to your email account. Alternatively, it could be through an authentication app on your smartphone or tablet.

Often these codes expire if not used within a certain time period, which means that hackers can’t spend hours guessing the code to get into your account.
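To show how an authentication app produces codes that expire, here is an added example (not from the original article). It assumes the standard time-based scheme (RFC 6238) with 30-second codes and uses the RFC's published test key; the function names are illustrative.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays current (assumed; the usual app default)
SECRET = b"12345678901234567890"  # published RFC test key, never a real secret


def totp(secret: bytes, at: int, digits: int = 6) -> str:
    """Code the authenticator app shows at Unix time `at` (RFC 6238, HMAC-SHA1)."""
    counter = struct.pack(">Q", at // STEP)          # which 30-second slot we are in
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, code: str, at: int, drift: int = 1) -> bool:
    """Accept `code` only for the current slot, give or take `drift` slots."""
    ok = False
    for slot in range(-drift, drift + 1):
        t = at + slot * STEP
        if t < 0:
            continue
        # Constant-time comparison; check every slot so timing reveals nothing.
        ok |= hmac.compare_digest(totp(secret, t).encode(), code.encode())
    return ok


if __name__ == "__main__":
    code = totp(SECRET, 59)                 # code shown at second 59
    print(code, verify(SECRET, code, 89))   # still accepted 30 seconds later
    print(verify(SECRET, code, 179))        # rejected two minutes later
```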

2FA is one of the most effective ways to secure your accounts, and most programs have this option available. So, don’t hesitate – do this today!

 

2) Have Strong, Unique Passwords

Weak passwords, i.e. passwords that are common or easy to guess, seriously put your online security in jeopardy.

Likewise, having the same password for every account means that once one password is compromised, all of your other accounts are at risk too.

I recommend having a different, strong password for every account.

So what is a strong password? 

A strong password is something that is not easily guessed, one that doesn’t follow a clear pattern and includes a mix of numbers, letters, capitals and punctuation.

Some weak passwords to avoid are:

  • variations of 123456, 123456789, abc123
  • common words such as qwerty, admin or password
  • the name of your company or staff member
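The rules above can be turned into a quick password check, shown here as an added example (not from the original article). It demonstrates that a password can contain every character type and still be a thinly disguised weak one. The function name, the swap table and the sample names are assumptions made for illustration.

```python
import re
import string

# Weak passwords named in the article (assumption: extend with a fuller list).
COMMON = {"123456", "123456789", "abc123", "qwerty", "admin", "password"}
RUNS = ("01234567890", string.ascii_lowercase, "qwertyuiop")
# Typical character swaps people use to disguise a word.
LEET = str.maketrans({"@": "a", "0": "o", "1": "i", "!": "i", "3": "e", "$": "s", "5": "s"})


def audit(password: str, names: list[str]) -> list[str]:
    """Return the reasons a password is weak; an empty list means none found."""
    problems = []
    classes = {
        "lowercase letter": any(c.islower() for c in password),
        "capital letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "punctuation": any(c in string.punctuation for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing: " + ", ".join(missing))

    lower = password.lower()
    bare = lower.strip(string.punctuation)              # "123456!" -> "123456"
    # Drop trailing digits/punctuation, then undo swaps: "P@ssw0rd1!" -> "password"
    core = re.sub(r"[\d\W_]+$", "", lower).translate(LEET)
    if bare in COMMON or core in COMMON:
        problems.append("variation of a common password")
    elif len(bare) >= 4 and any(bare in run for run in RUNS):
        problems.append("keyboard or counting sequence")

    unswapped = lower.translate(LEET)
    for name in names:
        for word in name.lower().split():
            if len(word) >= 3 and word in unswapped:
                problems.append(f"contains the name '{word}'")
    return problems


if __name__ == "__main__":
    team = ["Acme Plumbing", "Sam Lee"]                 # constructed sample names
    for pw in ["P@ssw0rd1!", "Acm3Plumbing2024!", "rV7#qLm2!xTz"]:  # constructed
        print(pw, audit(pw, team))
```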

The most commonly used password is 123456. Are you guilty of using this?


3) Share Passwords Securely

While best practice is to have different log-ins for each staff member, the reality is that this can quickly add up and become too costly for a small business.

So, if you cannot provide different accounts for each member of your team, you need to find a way to securely share your passwords with each other.

And no, this is not by creating a Passwords folder on your drive or by having them written on a post-it note on your desk (seriously!).

The best way to do this is with an encrypted password manager. This will allow you to share log-in details securely, and keep them up to date easily.

I recommend using LastPass. It is one of the most commonly used password managers around, and it has a great free version available.

There are alternative password managers out there, but be sure to do your research first before handing over all your data!

 

4) Review and Update Your Security Regularly

No matter how many great security measures you put in place, there will always be slip-ups that render your data insecure.

So, in addition to my tips above, I also recommend that you regularly review your accounts for any suspicious activity.

Lastly, update your passwords every so often, including every time you have a change in your team members or if anyone loses a device (e.g. by leaving it in the back of an Uber!).

5) Create Security Rules for Your Team

And lastly, once you have enacted my tips 1 – 4, the final step in boosting the security of your business accounts is to have your team on board in helping manage these risks.

I recommend that you have some guides, rules or minimum security standards in place for your team. Then, ensure that your team is aware of these rules and is shown how to enact them.

In addition to my tips above, your guides could also include:

  • statements around password security (e.g. never writing a password down)
  • advice on how to identify scam or fraudulent emails
  • rules around installing software on business assets
  • ensuring that all devices have an auto-lock setting activated and are secured with a password

For best results, these security rules for your team should suit the context of your working environment (i.e. be practical to manage), and should also include any industry or legislative requirements (I’m looking at you, Financial Planners!).

I recommend that these guides are reviewed and discussed periodically in your team meetings, because if the team isn’t on board and compliant, then this will jeopardise your security.

 

Best of luck with your internet security! If you would like to know more, subscribe to our newsletter or book a time to chat.
