Keep Your Small Business Safe in the Age of Cyber Attacks

Posted 2 years ago in Small Business Tips
by Jenny Rollins

Phishing, get it?

While I hate to the bearer of bad news, if you have a Yahoo email account, you’ve probably been hacked at least once in your life already. I can say that with relative certainty because the accounts of over 1 billion Yahoo users were compromised, so let’s talk security.

We think a lot about your security but even if we’re your go-to accounting and invoicing software, we can’t protect your data that’s outside our system.

What do you do when you’ve been hacked?

First things first, change your password. Even though you might not have sensitive information tied up in an old email address that you only use when you’re afraid of getting spammed (if you’re like my wife), your email password might be the same password as much more sensitive accounts like your bank account or online shopping profile.

Sometimes accounts will force you to change your password regularly. While their attempts to keep my information secure are appreciated, changing a password to something your not going to remember doesn’t really make your account that much more secure. You’ve probably reset your password more times than you care to admit because you’ve been forced to use a password that you haven’t committed to long term memory.

Here are a couple possible solutions for your password headaches.

Use a password keeper.

Using an app to keep track passwords for you can give you a ton of freedom. If you don’t have to worry about remembering what your password is, you can make your password much more secure without worrying about forgetting it. Every password can be completely different, and you can even use a password tool to generate a random password.

Come up with a system.

Let’s say that you have a password that is your “go to” password. Well, you can still use it and have each password be different and secure based on what account you are accessing.

For example, you start each password with an acronym that represent the site that you are logging into followed by a version of your password that you can remember. For instance, if my password for everything was “Z1pB00ksIs#1,”, I could add an “FB” in front for my Facebook account or “LI” for my LinkedIn account. Set up a system that you can remember.

Obviously having completely random passwords would be more secure, but it adds a layer of protection against a hacker that compromises one of your accounts. We manage so many accounts that you want to make sure that if one proverbial domino falls, they are spaced out far enough not to knock down any others.

An ounce of prevention is worth a pound of cure

So, how do you prevent hackers from accessing your accounts in the first place? No system is perfect, but you can take common sense measures to protect yourself from the most popular kinds of hacking.

Don’t write it down.

A post-it note might be the undoing of all your hard work to secure your private data. Is it really worth it? A password that you write down can be stolen or found by a bad actor. If you insist on writing down your password, at least write down a couple other passwords as well or make it hard to figure out which part you actually use.

Don’t fall for the phishing bait.

Don’t put in your username and password into a form that you didn’t navigate to yourself. This is how Russia was able to hack the emails of many politicians in the news. One staffer received a message he was being hacked and was asked to reset his password, but that message was the actual hack. Getting an email with a link to reset your password that you didn’t initiate yourself is 100% bad news. This sort of attack is a little embarrassing and only really comes out in the news, but it’s actually very common.

Keep your lips sealed.

Don’t give out your password to people who don’t need it. Also, don’t forget to reset passwords after an old employee that knows a lot of confidential information has left. They might not do anything malicious, but are you willing to bet the health of your company on it?

Get anti-virus software.

While getting up-to-date anti-virus software won’t protect you from a sophisticated, targeted attack, it will keep you safe from the most common attacks. You are much more likely to accidentally get caught in a net than to have someone go after you with a speargun.

Stay informed.

Set google news alerts for the online scam news, and keep yourself educated. Scammers are always changing their approach. You can keep up with them by reading the latest news so you don’t fall prey to that type of attack.

Practice good bookkeeping hygiene.

Most attacks are geared towards financial gain, so regularly verifying the validity of the transactions going through your business account will warn you early on about a possible hack.

Encrypt your data.

Even if hackers somehow get access to your files, it won’t do them any good if they don’t know how to read the data. Here are some free tools you could check out to encrypt your files for you.

ZipBooks uses many of the best practices above to secure your data against compromise including limiting who has access to account and keep data secure and encrypted.

As the cost of technology continues to drop, programs are more likely to be free, but the cost of implementing broad-based cyberattacks also drops. If you are thinking that it can’t happen to you or that the impact won’t be that severe, you don’t want to find out how wrong you are. Take these simple measures above to protect your information before it’s too late.

About Jenny

Jenny is a content writer for ZipBooks and a graduate student at Brigham Young University.

Privacy Preference Center