How to Keep Your Data Safe Online – 8 Essential Tips
There is so much advice about keeping your data safe online, and I really hope you understand why it is essential to do so. As a business owner, it is not just YOUR data either: you are often responsible for client and supplier data, and it is mandatory by law that you protect personal information to the best of your ability.
But don’t be too scared, as there are some straightforward ways to make sure you do your bit. Most security experts agree that if a hacker gets you in their sights there isn’t much you can do. What you CAN do is ensure you are getting the basics right and doing the most that you can to protect yourself, as this will prevent silly errors and stop you falling foul of an opportunist or a data breach.
We have put together 8 essential tips that will help keep your data safe, as well as explaining why you should be doing it. So, read on!
1. Use Two Stage Verification where Possible
Most sites, or at least more and more of them, now have an option to add 2FA (two-factor authentication). It isn’t complicated: it usually involves a standard login with a password, after which a login code is sent to either your mobile number or a designated email account to check your identity.
This extra layer of protection is far more secure, and a 2019 report from Microsoft concluded that 2FA works, blocking 99.9% of automated attacks, which is a bold claim! But if you think about it, unless someone has access to your password AND your mobile or email, they can’t log in. Also, check your account settings for this option.
2. Use Complex Passwords and don’t Repeat Them
This feels like common knowledge now, but people still ignore it, so when setting up an online account please make sure you set up a password that isn’t Ilovemydog2019 or something worse like password123. Passwords like these are easily guessed or cracked, and if you use the same password on multiple online accounts and one of them gets hacked, you are going to be in trouble, as the attacker will use it to access all your other accounts.
Use both upper- and lower-case letters, numerals and other keys if you can (#?! etc.) Some password managers will have the ability to suggest suitable passwords for you, see the next point.
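An added example, not part of the original article: a Python script for this tip that lists why a password falls short (including the two weak examples above), finds passwords reused across accounts, and generates a random replacement. The 12-character minimum, the symbol set, the common-word list and the account names are assumptions made for this illustration.

```python
import secrets
import string
from collections import defaultdict

SYMBOLS = "#?!@%&*-_+="                      # "other keys" from the tip above
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
MIN_LENGTH = 12                              # assumption: the article sets no minimum
COMMON = ("password", "ilovemy", "qwerty", "letmein")  # constructed sample list

def weaknesses(pw):
    """Return the reasons a password fails the guidance (empty list = fine)."""
    checks = [
        (len(pw) >= MIN_LENGTH, f"shorter than {MIN_LENGTH} characters"),
        (any(c.isupper() for c in pw), "no upper-case letter"),
        (any(c.islower() for c in pw), "no lower-case letter"),
        (any(c.isdigit() for c in pw), "no numeral"),
        (any(c in SYMBOLS for c in pw), "no symbol"),
        (not any(w in pw.lower() for w in COMMON), "contains a common word or phrase"),
    ]
    return [reason for ok, reason in checks if not ok]

def generate_password(length=16):
    """Draw random passwords from the OS CSPRNG until one passes every check."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not weaknesses(pw):
            return pw

def reused(accounts):
    """Given {account: password}, return groups of accounts sharing a password."""
    by_password = defaultdict(list)
    for account, pw in accounts.items():
        by_password[pw].append(account)
    return sorted(sorted(group) for group in by_password.values() if len(group) > 1)

if __name__ == "__main__":
    # Constructed sample data: the two weak passwords are the ones named above.
    accounts = {"bank": "Ilovemydog2019", "email": "Ilovemydog2019",
                "shop": "password123", "accounts-software": generate_password()}
    for name, pw in accounts.items():
        print(name, weaknesses(pw) or "ok")
    print("reused on:", reused(accounts))
```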
3. Use a Password Manager
Yes, I know, setting up passwords is a nightmare sometimes, and there is NO way you will remember every username and password. So, make sure they are saved online. A browser like Google offers to save them for you, but most data security experts will tell you this isn’t a great option. If your Google account gets hacked, you are in deep trouble… and even Google is fallible.
The best password manager options are LastPass or Keeper. They have apps for your mobile phone or tablet devices, or whichever operating system you use, including Windows, iOS and Linux. They have a strong main login, and you can then store all the passwords you set up in there, categorising them into personal, business, social media etc. There is also the ability to share them in a secure way with team members etc.
4. Regularly Back Up your Work
Where do you store all your data? It is great to use cloud storage like OneDrive or Dropbox to back up everything you use, but please also back things up to another place regularly. You can pay a company to manage this for you (depending on the size of your business this might be worth bearing in mind), or you can back it up yourself to a hard drive. You would then need to store the hard drive somewhere safe and ideally protected from flood/fire etc. but at the very least somewhere different to your laptop.
5. Lock away Paperwork Securely, Preferably Store Data Online
Do you still use paperwork or files? This will vary according to your business model, but most people still have some level of paperwork, even if it is just things you print out for reference or insurance/tax information that gets sent by post.
This needs to be stored safely. Lockable filing cabinets or drawers work well. If you have a personal safe box at home for passports etc. perhaps consider one for important work documents. Obviously, it will depend on the volume of paper you are dealing with.
If there is a breach of the data you will have to prove you took reasonable steps, so leaving it on a train (remember when that MP did it with sensitive data!) is not responsible behaviour, leaving it in a locked office is.
Also, ensure you destroy paperwork that is no longer required, as there are time limits on how long you are allowed to store personal data on people. Cross shredding is the safest way to do this. For confidential data, you may need to pay a company to destroy it; if you rent an office, look into whether this service is available.
6. Use Cloud-Based Accounting Software
When it comes to managing your accounts, using cloud-based software is the way forward; it is so much easier than bags of paperwork or spreadsheets. It also means you are being compliant with payment and personal data, such as credit card details from clients plus addresses etc., as the accounting system will have compliance and security built-in. Just make sure you use good passwords and 2FA where possible.
You can read about the numerous benefits of cloud accounting in a blog we wrote here: https://www.businessaccountingbasics.co.uk/what-is-cloud-accounting/
7. Don’t Access Sensitive Data when on Public Wi-Fi
It can be great to go to a local coffee shop to work from time to time or catch up on some work on the train, but if you are accessing the internet on a public Wi-Fi, please don’t look at client data, accounting or private information. Anyone can access what you are doing.
When looking at bank information etc., make sure you are on a secure home or business Wi-Fi that is password protected, or use a VPN (Virtual Private Network). Also, beware of fake websites and services: make sure you check the site address when you sign in and that it is SSL protected.
8. Have Antivirus Software in Place and be Savvy about what you Click on
There are free versions of virus protection software and the detail on each type is another blog in itself, but at the very least enable the one built-in on your PC or Mac. Regular scans are essential to identify malicious software or malware, but still be wary of downloading anything you don’t know is safe.
Also, beware of phishing emails or texts, and don’t click on links unless you know the message is from who it says it is. Banks etc. will not send you a link to log in or ask for your passwords. Beware of mysterious messages from friends on Facebook, links in emails or unusual texts about parcels.
There are some businesses that offer to install and manage your anti-virus software for as little as £6 a month and for peace of mind, this can be a great option.
Keeping Data Safe Online – GDPR and Data Protection Act
Ultimately, you need to be aware of what your personal and business responsibilities are when it comes to storing personal data under GDPR and the Data Protection Act, and make sure you have a privacy policy that outlines the security measures you take to keep data safe.
As a business, keeping data safe online isn’t just a choice, it is a legal requirement. So make sure you get yourself up to date and as safe as you can be, and you will save yourself a potential data breach!
For further reading on how to keep your data safe online visit ICO