If you’re like most small-business owners (extremely busy), digital security is probably not at the top of your list of priorities.
According to the Ponemon 2017 Cybersecurity Report, more SMBs are becoming the targets of cybercriminals. In 2017, financial damages caused by attacks against small and medium-sized businesses averaged at $2,235,000. The report also indicates that both the severity and sophistication of the attacks are on the rise.
Big companies with substantial budgets can afford to hire professionals who’ll make sure their data is safe. But what can freelancers, solopreneurs and SMB owners do to stay safe?
You’ve probably already heard that installing an antivirus software is a must. Couple it with a firewall and you’re safe, right? Here’s the thing: these measures are important, but they won’t work miracles on their own. Indeed, the more I think of it, the more I realize that staying safe in the digital world depends on the amount of common sense you’re willing to invest. You can quote me on that.
Have a look at these 6 common-sense security tips that will help you safeguard your business in the digital world.
1. Identify the Vulnerabilities Early On
If you were to think of one thing that keeps your business afloat, then what would it be? I bet that the first thing that comes to mind is cash flow.
An interruption of cash flow is the prime reason why 82% of SMBs don’t make it. That said, this is not exactly the only pressure point your business has.
If you’re a freelance graphic designer, you most likely store projects on your computer or in the cloud. What would happen if somebody took control of your cloud account or encrypted all the files on your hard drive and demanded that you paid ransom to get them back?
Let’s try a different scenario.
You’re a successful influencer. The lion’s share of your business revolves around building and managing your presence on social media platforms like Facebook and Instagram. What would happen if somebody took control of your social media?
It’s important that you identify the pressure points of your business and focus on taking preventive measure early on. The next five tips will help you to do that.
2. Give Your Passwords a Hard Time
Now, I get it. Coming up with different passwords for every website or account you create is a hassle. Who could possible remember all that? That’s one of the reasons password standards of most people are hopelessly low.
SplashData compiled a list of Top 100 Worst Passwords of 2017 which clearly shows how terrible we are at this. The top 5 most commonly used passwords of 2017 were:
An even bigger problem, however, is that many people reuse passwords across multiple accounts. If one of your accounts gets hacked or its details leaked, every other account with the same login details gets exposed.
You can use password managers to generate and securely store passwords for all your online services. All you have to do is to come up with one (yes!) strong password to access the rest. We have already covered password managers on FreshBooks, so feel free to jump here for a few recommendations.
If for some reason you still want to brainstorm your passwords the old way, this simple tool will tell you how strong they are.
- Never use identical login details across different accounts or websites
- Don’t reuse old passwords
- Multi-factor authentication and security codes are not just for online banking. Make sure to enable this for every account and online service you use.
- With this tool, you can regularly check if any of your email accounts has been exposed as a result of a data breach
- Don’t store your passwords in a physical form. Post-it notes are a big no-no.
And that’s it! It seems that you’ve just run out of excuses for being a password slacker.
3. Leave No Loose Ends
As a freelance writer, I use a variety of apps and online services that make my work easier. Heck, they make it possible in the first place!
As I’m looking over the list of the tools I use, I count writing apps, project management platforms, calendars, time trackers, communicators… The list goes on and on. Throw in a bunch of newsletters and you’re soon in the dark about what things lurk in your “digital toolbox”.
You can’t effectively guard your data if you have no knowledge of its whereabouts.
Some time ago I decided to brush up on my online hygiene and came up with this simple strategy.
- I created a list of all my digital assets, including accounts, newsletters and active subscriptions. I did this gradually by following the emails I receive from service providers.
- I crossed off the items which I hadn’t been using or needed anymore
- I then funneled the rest of the items from my list into a password manager and generated fresh, complex passwords for each
- I got rid of the obsolete accounts and unsubscribe from irrelevant or spammy newsletters. It shouldn’t take more than 5 minutes a day if you do this one step at a time.
Most apps and online services have a “delete” option buried somewhere in the account settings. If you can’t find it, send a simple email to the relevant support team and request a manual deletion of your records.
Thanks to this simple strategy, my digital workspace is much cleaner now. I’m also not spreading myself thin and always know the contents of my digital toolbox.
4. Review Your Travel Habits
These days, you can run your business from pretty much any place on earth. If you’re a digital nomad, chances are that you rely on public WiFi during your travels or connect to the Internet at public places like hotels, restaurants or cafes. Since mobile data charges can be harrowing, “free” internet connection may seem like a wonderful solution.
While smart budgeting is a noble cause for an aspiring solopreneur, connecting to public networks puts your data at a considerable risk. Malicious individuals can connect to the same network and intercept your private information with ease.
According to a study conducted by Symantec, our WiFi habits are as terrible as our passwords. A staggering 60% of over 15,000 participants worldwide stated that they feel secure using public internet connection. Furthermore, 87% of the respondents used public WiFi to log into their email, social media accounts or online banking services.
You can minimize the security risk by either avoiding connecting to public WiFi, which is probably not want you want to hear, or use a VPN (Virtual Private Network) like ExpressVPN (info), NordVPN (info) or TunnelBear (info), just to name a few. VPNs are available for all major operating systems.
Bonus Tip: You shouldn’t stop at securing your WiFi connection. When you’re on the road, you must also ensure physical security of your data. It’s a good idea to consider migrating your data to the cloud. This way, you will be able to operate your business as usual even if somebody damages or steals your devices.
- If you must connect to public WiFi, always use a VPN
- Try to limit the amount of personal information you input while connected
- Never leave your devices unattended
- Start moving your data to the cloud
- Consider a business insurance
5. Consider the Human Factor
Let’s say you’re looking for subcontractors to help you with the next big freelancing project. Or maybe it’s time to take your small business up a notch and hire new professionals to join the team.
Regardless of which scenario is true for you, it’s vital to make sure that the people you work with hold to the same security standards as you do.
As observed by Yves Lacombe, the Technical Support Director at Vircom, “The weakest chain in cyber security is the human being. It’s the lowest hanging fruit. Most of the attacks we see in the field right now are targeting uninformed people.”
There is one more angle to this point. While many security incidents stem from unawareness or distraction of employees, some may be premeditated malicious actions against your business.
According to this report, 28% of all data breaches are perpetrated by members of staff. Regardless of whether you’re dealing with a vengeful employee or industrial espionage, make sure that you’re prepared.
- Enforce using a password manager across your business
- Limit your employees’ access level on project management and collaboration platforms
- Make sure your employees are in the know about potential digital security threats
- Revoke the access to your digital assets for people who are about to leave the company
- If your employees use shared passwords for digital services (not a good idea), change the passwords on staff rotation
- If possible, do a background check on your subcontractors before sharing project details
6. Trust the Cloud
Security-wise, keeping your digital assets off the grid may seem like a good idea. Nothing bad can happen if the files don’t leave your office, right?
The reality, however, is that migrating your data to the cloud dramatically improves data security across several categories.
The first thing you should keep in mind is that cloud service providers have strong safeguards in place to protect your information. Apart from encryption algorithms and constant data monitoring, they ensure that your assets are “physically” guarded inside secure data centers. FreshBooks does that too!
The second important aspect of cloud services is reliability. If you choose to store your data on the hard drive of your computer, the files can easily become corrupted or lost forever if your device malfunctions or gets stolen. Thanks to backup mechanisms, cloud storage takes this possibility out of the equation.
The best thing about the cloud?
You can access your files from every place on earth. Just remember to use a VPN while doing so!
If you’re still concerned about the security of cloud solutions, have a look at this article where we clear up this misconception.
If you’re already into cloud and use desktop apps to access services like Dropbox or Google Drive, make sure that you always have their newest versions installed. Cloud-service providers frequently update their software to keep up with the rapidly-changing security standards.
You can invest hour upon hour into learning the technicalities of digital security. You can spend big bucks on the state-of-the-art security software. You can even hire a professional to keep watch over your digital assets. But if you don’t exercise a fair share of common sense and revise some of your digital habits, it will all mean nothing.
After all, common sense is the only thing that can prevent you from clicking on suspicious links or storing passwords at post-it notes glued to your desk. So, starting today, your rule of thumb for digital security should be “if it seems to good to be true, then you’re probably right.”
Dropping the serious tone, I encourage you to watch this funny TED Talk in which comedian James Veitch decides to take a dive into the weird world of SPAM.
Have more common-sense ideas for better digital security? Let us know!
about the author
OctoScribe where he helps B2B tech companies talk human instead of code. When he's not writing about tech, he's enjoying the simplicity of analog photography and daring bike trips with his wife.Dawid is a freelance copywriter and blogger at