We have all heard the stories by now of how risky online business transactions are. There are more and more payment apps showing up every day. There are more hacks coming out in the news every week. And the average small business owner has enough time worrying about their product, let alone all these side issues.
Take the time to read this article to get yourself up to snuff on digital security issues. The tips in here will be good for the short term until you can hire an expert. Just don’t make the mistake of neglecting your online transactions so that you lose everything to a hacker early in your career!
Protecting your money, and your banking, in the digital world
There are four basics ways that you need to protect your business online. I’ll break these categories down into point form notes so that you can easily follow and implement them.
Communications to and from your bank:
- Phishing scams are a huge concern. This is when you receive an email claiming to be from your bank. There is a link in the email sending you to a website. The website asks for your information, sign in details or credit card numbers, and promptly steals them from you. Never trust these emails. All reliable banks have policies which forbid them from doing this. Call your bank to and report this problem.
- Banks do not use pop up windows. If you’re on what you think is your bank and there’s a pop up you should never enter information in it. These pop up windows could have been inserted by a hacker.
- Be sure to use the address of your bank provided by them. Do not click on links to them from social media or anywhere else. Ads can also not be trusted as anyone can purchase ad space, make it look like your bank, and steal your information.
Online links sent by friends and found on social:
- Bookmark the official website as advertised by your bank, or any other financial service providers, inside one of their branches. Spoof accounts abound, with just one letter change making all the difference. Anyone who is not paying attention can go right to a fraudulent site. We all use Google, but there’s no guarantee that the results they return to you are accurate either.
- Your friend/co-worker/customer sent you a link via email or social media with your bank’s address in it, or to their bank. Are you sure it’s from the actual person who sent it? Account spoofing is another phishing-style attack which is designed to gain your trust via your friend’s hijacked account. It could even be the account of an actual customer. Always sort out banking issues directly with your bank.
- Use WhoIs.net, or a similar site, to verify the authenticity of a website sent to you. That tool will tell you who owns the website. If the correct company matches up with the website you’re visiting, you’re ok to use it.
Using encryption and other advanced online security methods:
- The first piece of encryption you want to use, say when purchasing from a vendor, is on the website itself. All websites which are protected have a web address which begins with HTTPS. Websites which don’t have this protection start with HTTP. If you do not see this sign of encryption, do not do any sort of transaction involving money. The green lock at either end of your browser’s web address bar will also be on for secure websites using HTTPS.
- When conducting any sort of transactions on a network which isn’t your own, such as public WiFi, use a VPN provider. They will encrypt all of your communications and protect you from hacks which happen all too frequently in public spaces. Check out our IPVanish review for a provider that can encrypt your communications, and more.
- When out in public, only use your own devices. Public computers can have keyloggers on them which record your every stroke. They could steal passwords, credit card numbers, private company data, and anything else you type in. Again, use your VPN to encrypt your connection in public.
Digital security concerns on your own computers and devices:
- Your own computers can be the tools which give hackers access to your whole business. Your first step is to make sure that your operating system is completely up to date. The majority of the time these updates are for security reasons. All of your software and web browsers need to be updated next. These are again frequently updated for newly discovered vulnerabilities.
- Antivirus software with a firewall should be installed on every machine you use for your business. Not only do you risk your machine being hacked, but it could also be used as part of a botnet and be remotely controlled. Your firewall will block intrusion attempts, and your antivirus will eliminate anything which does get onto your machines. Remember that this includes your employee terminals.
- Replace and delete older programs which are no longer supported. You may have started your business years ago on a program you know well, but if it is no longer supported then neither are you. Security holes will open up, and your vulnerabilities will increase. It’s a pain to learn a new tool, and to retrain staff, but at least you all get to keep your jobs and avoid being hacked!
Who is responsible for your small business’ online security?
You, the owner and upper management, are responsible. You can’t just assume that you’re working with vendors, and using websites, which protect you. You can’t assume that the public WiFi you use to approve a deal remotely is safe. You have to protect yourself.
Update your operating system, make sure your software is still supported and relevant, and use a VPN to stay encrypted. If you don’t take these steps in the early life of your business, no one can do them for you.
Marcus is the online security writer for Best VPN Provider’s VPNs and Online Privacy blog. You can find him there on Wednesdays with a new post going up weekly. For the Twitter users out there, tweet at @BestVPNs with your questions and give us a follow!