Business owners have enough to fret about on a daily basis, so needing to deal with hackers is something they would rather avoid.
With that being said, you are seeing more and more in the news about identity theft thieves aka cyber-criminals getting away with breaking into business websites. When such activities occur, business owners can be left with financial issues and of course public relations nightmares.
While there are different tricks of the trade to lower the odds your business site will fall victim to identity theft thieves, some of these tricks ultimately boil down to just plain old commonsense.
Be Pro-Active in Thwarting Cyber-criminals
If you are a business owner who is concerned about identity theft thieves making a play for your website, keep these tidbits in mind:
- Be prepared – Enter each workday being prepared for a possible cyber-attack, knowing that criminals could be targeting your business website today. This means having your website protected through a software solution, making sure your employees know what signs to look for (questionable emails and attachments etc.), and keeping all pertinent company information (usernames, passwords, customer and business data etc.) in-house and protected;
- Host with the most – Having a stellar web hosting provider for your business also means the world. With that in mind, be cautious when it comes to “free” hosting websites. It is important to note that a number of such sites will use their “free” offers as a front for identity theft plots. If such a provider places malware onto your site, you could have a host of problems to deal with. Another key when looking for the right hosting provider is of course security, especially if your business sells products online (shops, stores etc.). Just think about all the damage that could be caused if someone hacks you and gets ahold of customer credit card data, home addresses and phone numbers etc. There is also the possibility that a cyber-criminal could altogether take your site offline, leaving you and your customers in a hole. Lastly, question each host provider you consider going with when opening your business (or changing providers while in business) to make sure they have the proper security in place to prevent criminal acts on their end. Do they limit authorized access to their servers? Do they monitor their servers 24/7? These and other such questions are of importance to you in order to lessen the opportunities for cyber-criminals attacking your data;
- Employee trust – It is important from the day you hire each employee that you put your trust in them. Your workers play a major role in helping to thwart identity theft thieves, so look at them as basically your frontline in the war against cyber-crimes. That being said, you also want to look for any signs that one or more of your employees could be the identity theft thieves themselves. As many businesses have discovered over time, the criminals have come from the inside and not outside. For those employees you have who handle sensitive company and customer data details, let it be known that any illegal usage of such information will be dealt with swiftly and severely. This may include termination and also potential criminal charges. While business owners want to and need to trust their employees, always remember that cyber-criminals could potentially be right under your nose;
- Don’t hand criminals the keys – Just as you would not want to hand your car keys over to someone who has had too much to drink, don’t make the same mistake and essentially invite cyber-criminals onto your website. You can lessen the chances of a cyber-attack on several fronts, most notably by secure username and password practices. Your employees should always be given strong username/password combinations, letters and numbers that would be hard for a criminal or criminals to break. Secondly, make sure that information stays in-house, though you may be working with some out-of-house individuals on different projects for your business. As it relates to the former, your in-house employees should not be passing their username/password information around to anyone (including fellow employees) at any time. When it comes to the latter, be sure that anyone (typically independent contractors) working for your company (and having company username/password details) do not share such information with anyone else. While there is nothing wrong doing working with outsiders (many businesses in fact do work with outsiders), you obviously do not want them sharing pertinent company or customer data with others;
- Review and tweak your security procedures – One thing that makes a business owner successful is when he or she is not afraid to tweak things when they’re not working out. If you have a marketing campaign that is just not picking up much steam, you change it. When you have a customer unhappy with the service they are receiving, you work to fix that problem, be it through incentives to stay with you or giving them a different customer service rep to work with. The same should hold true with preventing cyber-attacks on your website. Don’t assume that all the security measures you have in place are automatically working or going to work over time. Review such procedures on a regular basis, even testing them to see how foolproof they truly are. You can also “test” your employees from time to time with sensitive company and customer data, making sure they are not the least bit tempted to cause your business harm.
Running a business in 2016 and beyond certainly does come with its share of risks. In order to improve the chances that your brand will steer clear of hackers and ultimately identity theft, make sure you are a pro-active business owner and not a reactive one.
About the Author: Dave Thomas covers business security issues on the web and how to protect your brand against identity theft.