By Glen Weinberg, owner and COO of Fairview Commercial Lending.
What do JPMorgan Chase, Home Depot, Michaels Stores, Target and Dairy Queen all have in common? They’ve all been hacked.
The JPMorgan security breach alone affected about two thirds of American households – about 76 million. The breach also included seven million small businesses.
Operating from overseas, hackers often compromise clients’ names, phone numbers, email and physical addresses and more, and it seems to be happening more and more.
As a small business owner how am I supposed to protect my company and clients' data if companies as large as Chase are unable to prevent an attack?
How can a small business increase their security without the large IT staff?
These steps are critical for anyone since financial professionals commonly handle financial statements, social security numbers and other valuable and sensitive data.
- Use Dual Authentication: Dual authentication requires two passwords to allow a user access. For example to log into one our banks we put in a user name and a text is sent to us with a unique passcode, the passcode is entered from the text and then we are able to enter in our password. The vast majority of systems now utilize this methodology from banks to service providers. To setup, it is usually as simple as requesting it from the provider. Having dual authentication almost eliminates the issue of a password being stolen since the hacker would also need your cell phone.
- Encrypt: Encryption basically encodes a drive that is unreadable without a “key”. This is one of the strongest forms of data security. In layman’s terms it makes the drive unreadable without the proper password. For example, if a laptop was stolen and the drive was encrypted, the data is protected. Everyone with a laptop should encrypt their drive. There is a free file encryption in Windows 8 (called Bitlocker) that is easy to use, hardly noticeable and just needs to be activated with a few simple steps.
- Do not use public hotspots: Many times when you are out in public (think Starbucks, McDonalds, hotels) you need to get online and these locations offer free internet connections. What a bargain, right? Unfortunately as a user on a free open network, your data is susceptible. Last weekend I was at a conference, I went to get online and there were three “guest” networks available. One could easily be a person next door that setup a network labeled guest. If I connect to that network they can skim any data I am sending. So what do you do? Turn on the hotspot on your phone and give it a unique name. This way you know you are connecting to a trusted network
- Protect your cell phone with a password: As professionals, I’m assuming most people have email on their phones, and emails often include sensitive information. Along with protecting your laptop, ensure you use the passcode on your phone. There is also a setting on iPhones to erase the phone data after 10 failed attempts.
