While big companies can afford to hire professionals to ensure their data security, freelancers and small business owners often have to rely on themselves to secure their data. Thankfully, it doesn’t really take much to protect yourself. Here are 7 security tips that can help you fortify your digital workplace.
Just because you can’t afford to keep an IT person on staff doesn’t mean you should ignore the security of your business.
Cyber attacks on businesses are growing year over year, and believe it or not, freelancers and small businesses are easy and lucrative targets.
Thankfully, there are steps you can take to protect you and your business, to maintain a decent level of personal privacy and to prevent the worst case scenario from being a reality. Here are 7 small business security tips you should put into practice:
- Don’t use your personal address
- Be careful about sharing admin accounts
- Enable 2-factor authentication
- Create a data backup plan
- Do a “what if” exercise
- Separate your personal and business life
- Be careful with your sensitive data
This is what you need to know.
Tip #1: Don’t Use Your Personal Address or Phone Number!
Most freelancers and remote small businesses don’t have physical office space and separate business phone numbers.
In most cases, this means you’re using your real home address and personal mobile number as the contact information for your business. That may have worked before when you were getting started, but at this point it’s an incredible risk to your personal security and privacy!
This is an incredible risk to your personal security and privacy!
The good news is that you don’t have to spend tons of money leasing office space and setting up a business phone system to protect yourself. You can do it all virtually. How?
- Set up a Virtual Business Address: It’s possible to hide your home address by setting up a dedicated virtual business address. This can be used as your registered address and to collect any mail on behalf of your business. It’s incredibly convenient and not nearly as expensive as it sounds. I recommend Postscan Mail as the best option, although there are other US-only virtual addresses.
- Set up a Virtual Business Phone Number: The last thing you want is to mix your personal mobile number with your business. Even on a personal level, I like to hide my personal mobile number and only give out my actual number to close friends and family. But as a business, this is even more important. I recommend Hushed as an option for a virtual number.
When you consider that a virtual business address costs no more than $200 per year and a phone number is only $25, it’s really a no-brainer.
Tip #2: Be Careful About Sharing Admin Accounts
Having to pay extra on team plans as opposed to individual plans can sometimes be too much for freelancers and SMBs, so most usually prefer to send over their own log-in details to their assistants.
If you’ve done this in the past, you’re not alone! Many SaaS software companies charge ridiculous prices for more users.
Sharing a single login does save you money, however, it can also result to unnecessary danger. In the worst case scenario, you may be giving away your password strategy that can be used to access your other accounts.
Meanwhile, many social media platforms now offer a team feature that allows you to add another team member without giving them full admin access to your account. You just have to make sure to set up a business account for that social media, and then find where you can add other people who either have editor permissions or riding permissions.
For other Software As A Service (SAAS), it would be up to you. Evaluate whether or not access to a particular account could be used to cause you damage somehow.
Tip #3: Enable 2-Factor Authentication
If you have the option to enable 2-factor authentication, always choose to enable it.
There are actually platforms that require you to enable it, such as YouTube, but there are also platforms where this is an option, like in Facebook through its Facebook Protect Program.
Basically, the point here is that if these social media giants have realized the importance of protecting your account with 2FA, that should clue you in on how important this is.
Here’s a list of other online accounts where 2FA is optional:
- Domain registrar
- Web host
- Cloud storage
Remember, setting up 2FA now is easier than trying to recover from a devastating account hack later. It can be done for free using tools like Google Authenticator, but we highly recommend security keys from Yubikey.
Tip #4: Create a Data Backup Plan
A few years ago, I had a break in at my office and all my hard drives were taken. Thankfully, there was one old backup that I had accidentally stored somewhere else and I was able to recover most but not all of my files.
This was such a scary experience for me but one which made me realize just how important it is to create a data back up plan.
So let this experience not just be a lesson to me, but also to you. Don’t wait until you lose all your files before you start thinking of a secure back up plan.
Don’t wait until you lose all your files before you start thinking of a secure back up plan.
This can be a simple extra hard drive or it could be a whole Network Attached Storage (NAS). But the point is, you don’t want a single point of failure (SPOF) in your business where one stolen or corrupted device file could set you back for month or years.
Tip #5: Do a “What If” Exercise
I’ve find it useful to run a simple “What If” scenario on my small business every once in a while. This means that I ask precautionary questions such as…
“What if my website goes down?”
“What if my YouTube channel gets taken down?”
“What of I have a ransomware attack?”
You don’t necessarily have to ask the same questions, just ask those that apply to your specific situation. Ultimately, the purposed of this exercise is for you to assess what reaction measures you have in place.
Tip #6: Separate Your Personal Life From Business
Make sure to create a separation between your personal life and your business. Perhaps you’ve heard of the corporate veil? That same separation needs to exist outside of simple legal liability.
You don’t want there to be any confusion between your business life and your personal life.
One way you can do this is by using a separate address, phone number, bank account, credit card, and PayPal account. This separation will provide you a lot of security protection in the future.
Tip #7: Be Careful How You Give Out Sensitive Data
Another important security tip is using your business tax ID instead of your personal ID. How you transmit sensitive information such as this one is also important. Use encrypted email services like ProtonMail or sendthisfile to send this documents securely and in an encrypted way.
Be sure to subscribe to the All Things Secured YouTube channel!