We already know that a large portion of cyber attacks reportedly target small businesses. SCORE put out a useful summary report earlier this year and this article by People Driven Solutions gives a good overview.
What should we do about it? Most of my clients follow these basics standards:
- Keep software up to date with the latest versions and patches
- Use available built-in or third party security software including two factor authentication
- Use separate randomly generated passwords for each account or web site
- Use a secure password manager
- Use a secure portal for sensitive data
- Use secure email (not using encrypted mail)
I’ve covered these topics for small businesses in prior blog posts. This index of security posts lists 18 of these topics. Some are dated but still relevant today.
Now I’m revisiting the topic of online security for small businesses1 and will consider expanding security with several new standards:
- Use a VPN for internet access
- Turn on random hardware location tracking features
- Use DuckDuckGo for web searches
- Use a secure messaging service
- Expand use of virtual currency
I’m learning and testing options in each of these areas for my own businesses. More to follow!
1 The recent release of the book “The Drowning of Money Island” immediately raised some increased online attention to my controversial environmental justice activities. The author candidly discusses my other offline security issues including the possibility of an arson attack or another physical attack.
I feel that I have a good handle on and have already made good progress on four of the five planned expansion measures. But I’m still struggling to understand the use of VPN in a 3G cellular network like we have in my rural area.
This new short article show discusses why virtual CPA firms tend to be ahead of the curve and can help with online security. The points discussed match my own checklist above. https://cpatrendlines.com/2020/03/01/how-security-differs-in-a-distributed-company/