Keeping Your Business Secure: A Guide For Basic Website Safety
In March 2020, businesses everywhere underwent big changes. Shifting almost 100% to a virtual-only economy and focused marketplace. With all of that new online activity, comes a more prominent need to make sure your website and customer data are safe and secure. With 56% of all internet traffic coming from an automated source such as hacking tools, scrapers and spammers, impersonators, and bots—how do you make sure you’re taking steps to make your online environment safe for you, your team, and your customers?
We put together a security checklist all businesses should follow to make sure you’re taking the basic steps to keep your business safe. We also encourage businesses to consider CYBER LIABILITY INSURANCE to help financial losses that result from data breaches and other cyber events.
If you are interested in exploring your options, please email firstname.lastname@example.org or call (918) 999-9122 for more help.
How to Protect Your Business
Phishing scams are some of the most common online scams around, and they’re becoming more and more sophisticated. Phishing is no longer limited to an email asking for money, or an email telling you you’ve won something or been selected for a special opportunity. Today, phishing attacks can look like emails from your bank, your doctor, or even your own business. It’s important to stay vigilant in making sure that each email you open and link you click is coming from a reputable sender.
Some quick tips for identifying phishing scams:
- Is there a typo in the email? Does the logo of the company sending it look right? Is the branding the same as you remember? Companies take a lot of time and effort to make sure their emails look good and represent the brand well—they won’t have typos or major image issues.
- Make sure the URL you are on has an HTTPS at the start and a padlock image next to it. That will tell you the website has security features.
Protecting yourself and your business against phishing attacks means staying vigilant and educating yourself and your team. Make sure you’re taking the steps you need to protect your business from phishing.
Playing offense to Phishing scams:
- Set up a time to have a team meeting around phishing attacks. Get your team together and put together a couple of examples of phishing emails.
- Have a security training session each employee has to take as part of their onboarding or yearly training.
Virtual Meetings And Events
Virtual meetings have become the norm across almost all industries—since we’re not able to meet in person as much as we’ve been used to doing, platforms like Zoom have been immensely helpful in bringing our teams together outside of our offices or physical locations. These platforms have also been vital in moving our physical conferences and events into an online space. Here are some security actions you’ll want to use to ensure that your virtual meeting or event is safe and secure:
- Do not allow anonymous attendees—make sure each attendee adds their first and last name once they sign into the meeting.
- Do not allow questions to be asked anonymously—this will help keep folks accountable, and also allows you to follow up should you need to.
- Require attendees to provide their first name, last name, and email address in order to register for an event.
- Use the Zoom password feature to make sure the only folks in your event are the ones who were invited.
- Prepare a statement in advance of events that you can use if an attendee posts inappropriate content in the chat.
- If your event has 50+ registrants, try to have 2-3 moderators to help with chat & QA.
Cultivating A Culture of Security
If you want to set up a safe and secure online presence for your team and customers, you have to have a culture of security at your company. It’s critical that your employees understand the importance of consistently looking back on each checkbox to make sure that both their own and the business data is protected. Here are some steps you can take to build that culture at your workplace.
- Talk early and often. Make sure security training is part of every employee’s yearly training. You can even bundle it with annual points of interest—a first day of the quarter, an annual review, etc.
- Make it easy for employees to point out a potential issue. How can your team members report an attempted phishing attack or remind folks to change their passwords? Consider sending a simple email every quarter to check in and keep security top of mind.
- Create a culture of backups—make sure your employees understand why it’s important to back up their projects and important data regularly. Store data in the cloud, and back up what’s on your machines. Set up a recurring calendar reminder for your team