7 Cyber Security tips for Small Businesses and Freelancer
"Protect your small business or freelance venture from cyber threats with these 7 crucial cyber security tips. Safeguard your online presence and sensitive data today."
As the owner of a Small Business, Freelancer, or online influencer you are the pillar of your company. No matter the nature of your business, online tools like email, social media, accounting, etc. have become a central part of your success. Losing access to these tools, even if just temporarily, would have a detrimental impact on your company. And bad actors are out there aiming to do exactly that, and often even abuse the accounts they gain access to for their own scams. Over the past years, I've been approached by countless individuals, from consumers to Small Business owners, when the accounts they use to conduct their business have been compromised by cyber-criminals. Here are the most important observations I've made:
Most of these internet criminals don't care who you are. They run their activity in an automated way and browse through the internet for the weakest accounts and take them over.
Hackers are constantly improving: Their strategies are getting better as we speak and their method to gain and keep access to their victims' accounts is constantly evolving.
It can be hard to regain access after a hack. There are plenty of reports on forums of people who have struggled to regain access to their hacked accounts, while the attacker would abuse them for their notorious scheme.
Cyber-Security to many feels like a daunting and complex field that can only be navigated by large companies with a big budget. Even as a Sole Trader you can take action and significantly improve your resilience against the most common types of attacks you and your peers are exposed to on a daily basis.Without further delay, here are 10 things you should do to significantly reduce the risk of having your online accounts hacked:
1 - Make a list of your online accounts
Start with making a list of all the tools you login to for your business. Most of the time you're going to use an email address as a username and a password. Write down the email address you use, as they are an important element of this account's security especially your social media account. Here's a list with some of the most commonly used accounts by Sole Traders in the UK:
Email (work & personal)
Payment Device like SumUp
2 - Protect your email accounts
Not only is your email account a communication channel with customers and suppliers. It is also the foundation of most other online-accounts, where it serves as the user-name and way to change your passwords. This is why email compromise can be an attractive scam for bad actors who then want to extort their victims.
Step 1: Have a strong & unique password for each account
Step 2: Add a recovery address to your email accounts in case you forget your password
Step 3: Enable 2-Factor Authentication to prevent 99% of all attacks from succeeding - We'll talk more about 2-Factor Authentication (or Multi-Factor Authentication later)
Do this for all of the email accounts used to login to the tools you identified in the previous point.
3 - Enable 2-Factor Authentication where available
2-Factor Authentication, sometimes also called Multi-Factor Authentication or 2-Step Verification, is an additional layer of security for your online accounts. It requires you to provide an additional method to verify that you're the legitimate owner of the account on top of the username and password. The vast majority - more than 99% - of attacks online are automated and can be blocked by using this security feature. This means that an account that uses 2-Factor Authentication becomes uninteresting for most hackers.
Most modern accounts allow you to enable an additional Authentication Factor. I recommend you to add multiple Factors to your accounts to reduce the risk of losing access.
4 - Manage your passwords
You should use strong and unique passwords for all of your accounts. This can make it hard to remember them. That's why you should find a way to manage your passwords. There are multiple ways of doing this. You can install a password manager (e.g 1Password, LastPass, Dashlane etc.) which will help you to create new strong passwords and keep them in a safe place. While it might sound counter-intuitive, you can also write them on a paper notebook you keep in a safe place. Hackers tend to sit in their own offices and not come into yours - physically.
5 - Update your software
Keeping your Software up-to-date is an effective tool to benefit from improvements of Security. Apple, Microsoft, Google etc make continuous progress to make their software more secure and provide you with updates. Take advantage of them, when they come out.
6 - Protect your devices from unauthorized access
While most attackers will try to compromise you from far away, you should still make sure that someone that gets your hands on your device doesn't just get access to all of your data. For mobile phones and laptops it is good to enable a screen lock that requires you to either use your Face, Fingerprint, or a passcode to unlock your device.
7 - Talk about Cyber-Security with your peers
Even if you do everything right, there's still a chance that someone you work closely with - like your accountant, marketing agency, etc. - gets compromised and your data is exposed. Talk to them about their security practices because everyone can get phished, and have them provide you with confidence that they take these risks as seriously as you do. These seven steps are a practical start on your journey to improve your small business security posture and reduce the risk of cyber threats for businesses.