When you leave your home, you lock the doors. When yo go for an extended family vacation with the kids abroad, you buy travel insurance. Because you know that security is important. So when it comes to your small business and your most valuable digital asset, your website, make sure that you protect them as well. It’s better to be safe than sorry.
I’ve collected 10 quick tips how you can make your small business and website more secure in 2020. Each of these listed tips are easy to implement.
Choose strong and unique passwords
For all your online business applications, including your website, as a best practice choose a strong and unique password. Most apps have some sort of indicator showing how strong your chosen password is setting it up sign up. Always follow their guidelines and come up with one that’s on the strongest scale.
Find some suggestions below to make your passwords strong and hard for a stranger to guess:
- Use random uppercasing (for example,”upPeRcasinG”), or
- non-standard word spelling (for example,”spellllllling”).
- Use personal slang words, or
- combine phrases from 2 different languages.
- Add to the above mix non-obvious numbers and symbols (note: using “$” for “s” or “0” for “o” is fairly common and likely not enough of a security measure).
Use 2-factor authentication
Another way you can secure your business tools and website is enabling two-step verification. This adds an extra layer of protection to your accounts.
If you turn this on, then any time you sign in to the relevant account, you’ll be required to enter a unique code sent to your phone. Or a one-time, time-limited code generated from a supported mobile app, like Google Authenticator.
Change your passwords regularly
Another way to help keep your passwords secure is by keeping them fresh. Aim for changing them regularly, at least yearly. And never repeat used passwords. Instead tweak them a bit by using one of the strong passwords criteria mentioned above.
Backup your data
Your business holds critical information like client names, invoices, transaction details etc. A lot of that needs to be kept for tax & legal purposes for several years. Make regular backups of your databases. You can have them stored on physical devices or in the cloud. Both are safe and vulnerable! Best is to have more than one backup.
And don’t forget your website either. Before any major changes, software upgrades or plugin updates, create a backup of your WordPress website. Should anything go wrong, you’ll have the opportunity to roll back.
Update your online tools, apps & softwares
When an update is pushed out to your smart phone, you install it immediately. Do the same when you’re prompted by the many apps you’re using in your business. Be it your antivirus, anti spam, Firewall software or as ‘simple’ as your operating system on your laptop – always install the latest updates. Otherwise you leave your devices and applications vulnerable.
Be cautious when working on public Wi-Fi
Many location independent online business owners like to work in public spaces. Wherever they can find free Wi-Fi and a cozy environment. But with open and public Wi-Fi you need to be extremely cautious when working on client projects. These connections are rarely secure and your data and information can be accessed easily by tech-savvy or harmful third parties.
As a safety measure when using public Wi-Fi never login to critical applications like your bank account, or where you keep clients’ data like your customer relationship management system (CRM). Limit your activities to internet search/research, drafting ideas on Dropbox Paper, GoogleDocs or similar.
Don’t work on sensitive data on planes
Location independent business often means also travel opportunities. But you never know who sits right next to you on the plane. If they wanted, they could read every line of your email, presentation or spreadsheet.
If your flight is long, and you want to kill the time on your laptop, play a game or watch a movie instead of working, and risking your client data and information be compromised.
Mind those email attachments
Malicious email attachments are often the cause of hacks, network attacks, and data breaches. Install email scan softwares and spam filters. But even if these tools may declare the attachment as “safe” or “clean”, if you don’t know the sender and didn’t expect an email like that coming, it’s always best to double-check it before opening.
Use an SSL connection on your website
SSL, that is a Secure Socket Layer certificate ensures that the online connection between your users and your website is secure and any information that passes between web servers and browsers is encrypted and transmitted securely.
If you’re running a web shop it’s a must to get a site-wide SSL certificate and increase trust. But even if you ‘only’ collect subscriber data like names and email addresses to grow your email list, an SSL certificate helps prevent hackers and eavesdroppers from accessing and intercepting data as is moves over web servers.
Use reCAPTCHA on your web forms
If your website is built on an open source platform like WordPress.org, you have likely received weird spam or comments from strange sources that have nothing to do with your website.
To reduce this, you can enable reCAPTCHA on forms to ensure humans are filling out the necessary information. An alternative solution is to add so called honeypot fields to your forms, that are only visible for spam bots. As they fill in these fields that are hidden from the human eye, those form submissions get blocked as spam, and will never even delivered to you.
You can install plug-ins as well, that can filter spam from coming through your forms, like when someone comments on your blog posts. They won’t get rid of 100% of spam, but it’s a step in the right direction.
- Choose strong and unique passwords
- Use 2-factor authentication
- Change your passwords regularly
- Backup your data
- Update your online tools, apps & softwares
- Be cautious when working on public Wi-Fi
- Don’t work on sensitive data on planes
- Mind those email attachments
- Use an SSL connection on your website
- Use CAPTCHA on your web forms
What security measures do you use to protect your business and your website or blog?
Let me know in the comments.