Here’s a list of 10 ways to help keep your company and personal data safe.
1. Use a password manager.
A password manager is software that you use to store your passwords (in addition to other convenient features, such as auto-completing forms, including entering your credit card information). Two of the many options are 1Password and LastPass.
Using a password manager makes it easier to follow good password management practices by doing a lot of the work for you. With a password manager, you can more easily:
- Use different passwords for each account
- Use strong passwords
- Longer phrases with several words are good
- Your password manager can help you create strong passwords
- Share passwords only through the password manager and only with the appropriate people
- Change passwords when someone who had them leaves the company
Here’s a video on Password Management with 1Password: What is it? Why is it important? How to do it?
2. Don’t click on emails unless you’re sure they’re safe.
Emails are a great tool for hackers to get your information.
A hacker sends you an email pretending to be one of the big banks, either because they know you use that bank or because they’re sending emails to everyone knowing that many people have an account there. You click on that email to login. You go to the hacker’s website, which looks like the bank’s website but isn’t. They now have your login information.
Be very careful when clicking on any email and don’t assume it’s from who it claims to be.
3. Even if you think an email is safe, go directly to the website to login.
You get an email from your bank. You’re pretty sure it’s your bank. You check who it’s from. It looks very official. It relates to an issue you had recently. Still, you may want to use your password manager to go to the website and login directly, not click that email. Even if you think you’re safe by clicking, be safer by going directly to the website.
4. Browse safely.
Don’t visit weird websites. If you’re shopping, pick websites you know.
Don’t click on links on weird websites.
Don’t download anything unless you know and trust the origin.
Don’t overshare personal information online.
5. Use two-factor authentication.
Two-factor authentication means using a second factor beyond a password to login to an account. The second factor can be a phone number, email, or authentication application such as Google Authenticator. An authenticator is often more secure than a phone number or email.
6. Keep software updated.
The companies that make hardware and software frequently update their software to protect you against vulnerabilities. Be sure to update your browser, desktop and mobile operating systems, and all software you use. If you don’t use something that you have installed, delete it.
7. Password protect your computer and lock it quickly
Use a password to access your computer. Set your computer to lock after 5 minutes of being inactive.
8. Use a VPN.
A VPN, or virtual private network, is a way to protect your data from being viewed while it’s traveling between your computer and the computers on the other end. If you use wifi networks that you don’t control — on a plane, at a coffee shop, in a hotel — a VPN can help ensure that your data can’t be accessed by that wifi network or by someone pretending to be that wifi network.
9. Security settings
Check your phone and browser security settings and make sure everything is secure. Chrome’s security settings are here: chrome://settings/security
10. Minimize use of paper and shred it when done.
Try to use paperless statements and invoices to avoid having unnecessary vulnerabilities. If you do use paper, shred it when you’re done.
Resources for Startup Operators 