Five Reasons Why Your Online Business Isn’t As Secure As You ThinkSecurity is one of the most important parts of running an online business – if someone has access to your systems when they shouldn’t have you’re going to lose both money and trust.
But a huge number of people are putting themselves at risk because they are unaware of the risks they are exposing themselves to.
Here are five reasons why you might not be as secure as you think.
1 – You don’t change passwords
When you get a router or another piece of network kit, it comes password-protected because anyone who gains access to it can exploit that vulnerability and cause all sorts of problems from intercepting data to taking down your website.
But if you don’t change that password, then it might as well not exist.
Even the most inexperience hacker can gain access by identify the make and model of a router and entering the default password.
The lesson here is to change passwords, often.
2 – You never update anything
Those 145 software updates you have pending? For the most part, they’re security fixes aimed at deterring hackers.
If you’re not installing them, you’re basically issuing a come and get me plea to those who want to take your money.
Cyber criminals specifically target software that hasn’t been updated, so if you haven’t updated your software then you’re incredibly likely to be targeted by cyber criminals.
Install updates as soon as you possibly can.
3 – You don’t care who has your credentials
Your log in name and passwords are like the keys to your house – anyone who has them and knows where you live can come and go as they please.
Just as you wouldn’t hand out your house keys willy-nilly, you shouldn’t give anyone log in details unless they need them to do their job.
Even then, you should make sure they can only access the bits of the system they need to.
You may not be concerned about your employees getting up to no good, but even so everyone who knows the log in details is someone who could let them slip without meaning to.
Social engineering, the process of conning people into giving away passwords, is responsible for a huge number of hacks.
Allow people to access the areas of the system they need to do their jobs and nothing more.
4 – You don’t care what gets connected to your network
In principle, allowing people to bring their own devices such as mobiles, tablets and USB sticks isn’t a bad idea.
It’s cheaper, and can be more efficient than training people to use unfamiliar kit.
But if you don’t know what people have on their devices, then they could be transporting viruses and malware into the heart of your network.
Either get a bring your own device security plan sorted, or if you can’t do that, ban them entirely.
Countless cyber attacks have been initiated by a witless member of staff plugging in a USB stick and transferring a virus, don’t let it happen to you.
5 – You don’t understand all the problems you face
Protecting yourself against viruses and malware is one thing, but do you know how your website would cope if it was the victim of a distributed denial of service attack?
Do you even know what a DDoS attack is?
If you haven’t got time to research all the threats you face, then speak to an IT security expert to ensure you have all the protection you need.
License: Creative Commons image source
By Will Stevens of the 123-reg.co.uk blog team. In the past he has written articles for ReadWrite, the Guardian and the Content Marketing Institute.
More Business articles from Business 2 Community: