Thursday, December 25, 2014

How a Small Business Can Help Protect Itself From Data Breaches

Even though eBay Inc. announced their data breach on May 21, something about it stuck in my mind. To refresh your memory, the company stated that the breach took place “between late February and early March, [and] included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth,” which means that if you have an account with eBay, the attackers might have had your information for months. The potential damage that could have been done is pretty scary.


In this day and age, with all of our personal information on one device or another, it is imperative that we take steps to protect ourselves, especially if you have a small business that is mostly online. Luckily, it can be fairly easy to make your online content as safe as possible. Here are a few steps you can take to help ensure you are protecting yourself and/or your small business on the internet.

1. Password protection - While it is incredibly annoying to create 8,000 passwords for your 8,000 online accounts (probably only a slight exaggeration for most business owners), it’s become a necessity. If you are one of those people who use the same password for everything from your Instagram to your online bank account, you’re probably grumbling this advice away with a “nah, it’s fine” attitude. But look at it this way: not only can hackers post weird photos for all your customers to see, they’ll quickly figure out they can wipe out your finances with the same password and in the same amount of time it takes to post that photo. The FTC recommends being as random as possible with your password choices; in other words, DO NOT use your birthday, anniversary, or name as a password. Look at the password selection process as an opportunity to be creative!

If you struggle with memorizing all of your passwords (or are like me, and are just too lazy to do that), there are a variety of password managers that you can use that should be secure. Some of these apps will even create highly randomized passwords for you, so you don’t have to rack your brain thinking up a safe, creative password. Once you have entered all your passwords into one of these apps, you just need to remember the one password to get into it, and then you’re good to go. There are quite a few in the app store (I prefer Keeper or Bitium), but do your research to figure out which is the best one for you. Look for ones with added security features like a two-factor authentication system, the ability to back up to another device, auto shut-off features, and/or encryption features. These will help ensure that you are the only one able to access the passwords, and using a password manager should be safer than just setting up a password-protected Word doc.

2. Check your bank statements - With the Target credit card breach in March, many people should already be in the habit of checking their financial accounts. This is an important step to take for business bank accounts as well as personal bank accounts. Check for any unusual activity in your account, such as purchases that you don’t remember making, no matter how small the amount. The more diligently you check your finances, the easier it will be to spot weird charges on your account.

3. Check personal and business credit reports frequently - Make sure you understand the difference between your business credit scores and your personal credit scores. The more actively you check your business credit profile and personal credit, the easier it can be to spot oddities. To make monitoring your business information easier and less time-consuming, I would recommend using the Dun & Bradstreet Credibility Corp. Business Shield product. It will provide real-time monitoring of your business identity for changes, inaccuracies, and missing information, as well as alerts to activity within your business credit file that may indicate identity theft, including changes to your business name, address, phone number, ownership, and website address.

4. Don’t click the link! - If you get an email from a company saying something like “your account has been breached, we need all this personal information, please click here,” DON’T. Do not click the link! Reputable companies will not ask you for personal information through an unsecured avenue such as email or over the phone. If you are really spooked about an email from a company saying your account has been breached, call them through the customer service number provided on the official website. Type in the company’s web address yourself, or look it up on a search engine, and from there find their customer service number. The representative should be able to tell you whether the email was a scam or not.

By following the simple steps listed above, you may be able to decrease the likelihood of fraud affecting your business and security.
