Do you know how to protect your business from hackers? Have you ever worried about cyberattacks and having your information stolen? Do you spend time worrying if your team is going to click on a disguised link or open an attachment that could result in a hacking or ransomware disaster? Well, this post is for you! Don’t spend any more time worrying. Instead, spend time preparing and being proactive in protecting yourself and your business! Caitriona Forde joined me on my podcast last week and we talked about Cybersecurity and how to protect yourself and protect your business from being hacked!
The content for this post was co-created by Kelli-Rae Tamaki and Caitriona Forde from our most recent podcast episode. Edited by Stephanie Bristol, TMH. For more information about Caitriona take a look at the end of this post!
If you are thinking that “this won’t happen to my business”, “it won’t happen to us, we’re too small”, or “we’re just starting up”, you are thinking the wrong way! Hackers right now are targeting small businesses. Small business owners are busy with other things. The first thing on their mind isn’t cybersecurity and training their staff to know what to look for or how to protect themselves and the business from attacks. For small businesses in particular about 60% of small businesses that suffer a major cyber incident go out of business within the first six months. Caitriona and I have literally seen million-dollar businesses lose everything overnight because they’ve been hacked! I know that you do not want this to be you!! As a side note, if you rely solely on one platform to generate income for your entire business, you need to diversify!! If you sell your products only on Instagram – that needs to change now. If a hacker gets into your Instagram account and locks you out, you just lost your income stream! To get back up and running you would have to start from scratch. It is VERY hard to get your social accounts back. If you are wondering what to do, start here with these tips and advice that industry expert Caitriona Forde and I discussed on my podcast last week!
EMPOWER YOUR PEOPLE TO PROTECT YOUR BUSINESS
As a leader, you need to create a space for your team to be able to talk about things. Your team needs to know that they can come to you and communicate if something looks or feels off. If they’ve clicked on something that they think maybe they shouldn’t have, you need to create a space where they feel comfortable coming to talk to you. It’s not necessarily about whether or not they click the link, this could happen. It’s creating an avenue for them to speak up when they see something off, or they realize that something didn’t check out. Check out this article from Forbes for some tips on training your staff! Remember, hackers are not hacking technology, they are hacking people. Hackers know people! This is what they do. They know what makes people tick and what people will click on. To protect your business you need to empower your people, think about starting with these three important tips:
- TO CLICK OR NOT TO CLICK: Err on the side of caution and do not click that link so hastily! Hackers want you to click on a link or open an attachment. These are common ways that hackers get into your computer and start to observe your online behavior. This is why training your people is SO IMPORTANT! Instead of opening links that are shown in the body of an email, copy and paste them into a browser, this way you can see where they are linked to. If you hover over a disguised link you will see that the destination is different from what you’ve been made to believe. Also, if there are attachments, make sure they are automatically run through antivirus software.
- GUESS WHO: One of the most prevalent tactics being used by hackers right now is gaining access to your computer, observing your online behaviors, and then impersonating someone within your organization. When you receive an email you need to be careful to check the email address is familiar to you – look carefully, sometimes it’s only one letter missing, added, or misplaced. If you receive emails that are time-sensitive ALWAYS follow up whether it appears to be from your boss, your phone company, your kid’s school, or your business coach – always contact them to ensure that they’ve sent the email.
- TEXT MESSAGES ARE NOT AN EXCEPTION: When I teach marketing I talk about the importance of getting people’s cell phone numbers into your database because the open rate is super high, like 97%. However, hackers know this as well!! So, you need to be careful when opening text messages. Don’t click on links. If it says you need to pay RIGHT NOW, don’t pay now! Phone the company or service, look up your account, or log in to the app. I cannot stress this enough – do not click on links and do not ever enter your information. I know that it’s hard, hackers know us!! If we are offered a bonus, if we’ve won a prize, or if our account is being shut down, we are enticed and we want to click the link. Hackers want us to click on links so that they can download malicious software or get your data to sell or use to steal your identity for some purpose!
PROTECT YOUR BUSINESS WITH LAYERS OF DEFENSE
- In a business setting, your first line of defense are your people! They are the ones who are going to be able to identify something suspicious and recognize that something is off.
- Next, very importantly, passwords. You need to invest in a reputable password safe to protect your passwords. Your passwords are the keys to your information – you would never leave your house or car keys laying around for anyone to take in a busy shopping center. So why would we leave our passwords vulnerable and easily accessible to hackers? Use a password safe AND let the password safe auto generate your passwords for you! This may not be the most convenient option but it is a safe option and in the long run, will save you much grief and potentially millions of dollars.
- Additionally, you knew it was coming, multi-factor authentication. I know, we’ve all had the annoying message pop up that says you need to enter the code that was sent to your phone. Which phone? Your work phone? Your personal phone? Your team members’ phones? I know, I know. However, we need to keep our information safe – use the safeguards that have been provided for you to do that! This is a free service that you have access to and it is worth the hassle to keep your client’s information as safe as possible!
BACK UP YOUR INFORMATION TO PROTECT YOUR BUSINESS
Where is your data stored for your business? When you use services like Google, Microsoft, Amazon storage, etc. you are trusting these businesses to keep YOUR business running! If one of these companies experienced an outage could you still access your operational information, your customer lists, your store or products, and important files? You need to be backing up a copy of your information somewhere offline, even on an external hard drive as regularly as possible. You need to assess how much data you are willing to loose if you are breached or if there is an outage of some kind with your cloud service.
YOUR 3 ACTION STEPS
- IDENTIFY AND UNDERSTAND THE RISK
- If you or your business experience a cyberattack you could potentially lose millions of dollars, valuable information leading to the loss of trust from your clients, access to your social media accounts, days of operation while your information is being recovered and so much more.
- Understand the different ways that hackers are commonly using to attack your information or data. One of the most common ways that cyber criminals are gaining access to businesses right now are through phishing emails that will supposedly come from banks, personal services or people within an organization (potentially the owner or CEO, finance department, etc.).
- HAVE A PLAN TO RECOVER QUICKLY AND PREVENT LOSS
- Train your people. Create a procedure for training your staff and have training on this in your onboarding process. Make sure their role in cybersecurity is VERY clear, in their job description, and their calendar. Take a read here to learn how to complete this effectively. Review this procedure monthly and amend it as needed. Ensure that staff are up to date with the procedure and do group training at staff meetings once per quarter. Remember to create an atmosphere where your people can come to you with concerns or mistakes! Take a look at this article from Forbes reiterating the importance of training your people WELL!
- Create a risk mitigation plan for data breaches and cyberattacks. If you remember back to elementary school you most likely were sent home with a little workbook to go through with your family that prepared you for situations like fires, being home alone, and other emergencies. The purpose of these activities is to ensure that when you are faced with an emergency, you know what to do. Not unlike this, you need to create a plan for when you or your business experiences a cyberattack. Start with your front-line people – give them step-by-step instructions! Decide what your process for sharing information with your team will be. You need to have a transparent process for sharing information with your clients. Don’t forget to check out local guidelines and laws regarding who you are required to share with and report to should you experience a loss or breach of data.
- RAISE AWARENESS
- Just like I have been, we need to always be learning from trusted sources and sharing correct information. Just as driving a vehicle is a risk yet one we take every day and don’t think twice about, so is using technology. There are so many technology benefits and you really can’t run a business without it, however, there are risks that need to be taken seriously.
- You can check out Caitriona’s website or follow her on Instagram to continue learning and continuing making adjustments in your life and business to keep yourself safe!
PROTECT YOUR BUSINESS WITH THIS PRO TIP FROM CAITRIONA:
If you are working online and you realize that you’re in the process of being hacked, disconnect from the internet and turn off your device or computer! Hackers use the internet so if they don’t have access to you through the internet, they can’t steal your information.