Security on-line is even more important today when operating a business on-line or merely having a web presence. So how safe is your business from hackers?
It’s essential that the necessary steps are taken to protect an on-line business from hackers who could steal vital information, or viruses which could bring your computer system – and your business — crashing down. Although no system can be foolproof it would be wise to put as many safeguards in place as possible. Hackers will look for easier targets, so what follows are the steps that security specialists recommend that business owners take to protect their systems.
1. Change account names and default passwords from those that were first used when your computer system was installed. One of the most common security mistakes that on-line businesses make after installing a machine or software is not reconfiguring it for security. It can however be easily corrected by making it more difficult for hackers to gain access, as they would not know or be able to determine what the original settings were.
2. Update your computer operating system on a regular basis. Manufacturers upgrade security safeguards often, and signing up for automatic updates that install security patches is well advised. Hackers are often on the lookout for systems that don’t have the latest safeguards. Install anti-virus software, again with automatic updates. Reputable software should also be put in place to block spam and detect spyware. These malicious programs can be installed secretively from an external computer system and steal sensitive information.
3. Ensure encryption software is used to protect your customer’s financial information from theft during transactions. Visa and MasterCard for example require most businesses operating on-line to verify that they have taken a number of steps, including data encryption, to protect customers who use their credit cards. If you meet those requirements, your on-line operation is likely to be fairly secure.
Most small businesses, don’t have the resources or the security expertise to implement these safeguards so it may be a good idea to outsource payment processing to a company like eBay or PayPal. Ensuring compliance for in-house payment processing can cost at least twice as much as outsourcing.
Encryption can also foil a hacker who has gotten into the company’s computer system but can’t decipher the information. Encryption is also important for protecting a company’s internal data such as personnel files, financial accounts, product information and other data.
4. Limit access of sensitive information to those who need to see it. Special software can detect unusual patterns of activity in the computer system. There is also software that can monitor outbound communications to make sure certain information isn’t leaking out. For businesses whose employees need remote access to the company computer system, they should need more than just a user name and password to gain access. Using a token system that displays a second password that changes regularly for example, would be a good idea.
5. Backup your data on a regular basis. A daily backup with three levels of external backups is essential in a busy office. Three levels are rotated in sequence so that you will always have three days worth of backup to fall back on if required.
6. Consider hiring a professional IT company to conduct a security check on your systems on a regular basis, say every six months for a small to medium business.
As if these dangers don’t provide enough to worry about, a new concern is emerging about personal smart phones, mobile devices that can handle email and Web surfing. Private phones are more vulnerable to hacker attack than ones connected to a company network. A number of companies are introducing inexpensive mobile software that encrypts email traffic, or monitors phones for suspicious activity. While the threats have been minimal and more of an annoyance so far, they are something to keep an eye on.