Terrifying Statistic about Cyber Crime for Small Business Owners
Following an investigation in 2021 by Verizon they revealed in their report about Data Breaches that 43% of all breaches and fraud victims small- to medium-sized businesses
Even more frightening, PCWorld reported that of those companies whose systems were breached, 60% went out of business within the next six months.
Last weekend, I spent my Saturday afternoon at the DON’T SPY ON US day of action, learning about data privacy and security. And it got me thinking—there are a lot of small business owners out there who are leaving themselves open to cyber crime because they don’t know how to protect themselves.
In an effort to help out all of the small business owners out there who are in this boat, We will explain some basic security concepts, give advice, and recommend some apps and services. On the site you can find many resources on protecting your business and you’ll have a much better idea of how to keep your data safe.
Should I be worried about protecting my small business’s data?
This is an understandably common question. Sure, there’s a lot of talk out there about data privacy and online security, but is it really something that you need to worry about?
The answer, in short, is yes. You might not feel like this is a serious threat because you’re a small business, and not a large one like Target, Neiman Marcus, Sony, or Lockheed (all of which have suffered cyber attacks within recent memory), but think of how much it would hurt your company if one of your regular customer’s credit card information was stolen while they were trying to pay you.
Do you want to be the one to tell your customers that their information has been stolen? Isn’t that something worth protecting yourself against?
Do I need to protect my small business from hackers
Yes, you do, for a number of reasons. You might think that you’re too small to be noticed, but small businesses are an appealing target for hackers.
Don’t believe it? Here are 5 small businesses who have suffered from cyber attacks.
A BBC article on the issue stated that many small business can serve as backdoors into larger businesses, and prove to be easier targets. Unfortunately, a large proportion of small businesses don’t protect their computers or their mobiles properly, and that makes it significantly easier for a hacker to gain access to their data.
Hackers can steal payment and customer information from dozens of small businesses in a short period of time, making this an appealing strategy—add that to lax security, and your small business could be a target.
What can I do to protect my small business from hackers?
There are a number of things that you can do to keep your business safe from hackers, and you’ll be surprised at how simple some of them are.
If you’re really serious about ensuring the privacy and security of your small business’s data, encryption will set your mind at ease. While the word ‘encryption’ might evoke images of hackers, governmental surveillance, and bank security, it’s actually not nearly as intimidating as it sounds, and can keep prying eyes out of your valuable data.
What is encryption and why does it matter to my business?
While there’s no way to verify the story, it’s said that the first encryption system was the shift-3 system used by Julius Caesar to encrypt messages to his generals. In this system, every letter in a message would be shifted by 3; a C represented a Z, an N represented a K, and so on.
Obviously people have gotten a lot smarter since then, and computing power has increased exponentially. Today, extremely complicated mathematical algorithms are used to turn a message or a file into a worthless mess of seemingly random letters and numbers. By using the correct encryption key, however, the message or file can be decrypted and turned back into its original form.
You can encrypt almost any part of your digital life, but I’ll be focusing on three here: browsing, cloud storage, and messaging.
How can I make browsing on my small business website secure?
You pass a lot of really valuable information through your browser. Bank account login information, supplier details, phone numbers, credit card numbers, and more go through your browser on a daily basis—what if someone were to intercept this information? You’d be in trouble.
That’s where encrypted browsing comes in. By using a couple tools, you can make sure that no one will be capturing your data. The first to you should be using is called HTTPS EVERYWHERE, and it’s a browser extension available for Chrome, Firefox, Opera, and Android. By installing it, you’ll use a secure connection to all websites (whenever possible), keeping your information safe.
The second option is to use a virtual private network (VPN). In addition to encrypting traffic, a VPN also obscures information about which sites you’re connected to, further increasing your security. There are some free VPNs, like HOLA, and some paid ones, like PUREVPN. Paid ones tend to be faster.
If you’re really serious about securing your browsing traffic as much as possible, you can Download the TOR Bundle. Tor is like a super-VPN; most VPNs route your traffic through an extra server to make it harder to track, whereas Tor routes it through three extra servers. It’s the industry standard for safe browsing, though you might find that your browsing speed goes down noticeably. If you know you’re going to be sending confidential information, it might be worth it!
Storage of my small business files securely
Storing files, whether on your computer or in the cloud, leaves you open to attack, as someone could break into your systems and steal them. But if those files are encrypted, getting a hold of them won’t do a hacker any good; you still need the password to open them.
Encrypting files on your computer is usually pretty easy. You can find instructions for Encrypting Files on a Mac here, and Encrypting windows files here. Once you’ve encrypted those files and chosen a password, you’re set to go! When you need to access the files, just enter your password and they’ll be decrypted, ready for you to use whenever you need.
Encrypting in the cloud is slightly more complicated, but you can go about it in one of three ways. First, you can encrypt a file before sending it to Dropbox, Google Drive, or any other cloud storage server. Second, you can choose to use a secure server (see this article for Three secure cloud storage options for your small business). Third, you can use BOXCRYPTOR, a service that encrypts your cloud files.
If you’re especially computer-savvy, you can encrypt files using GNU Privacy Guard so that others can decrypt them, too.
Encrypting and decrypting files doesn’t take much time, but you might want to use it only for files that you aren’t likely to use any time soon or are especially worth of protection. Customer payment information and backup files are great things to encrypt, for example.
Secure Messaging App for Business
Although most people don’t usually send sensitive information via IM or text message, it can be nice to know that no one’s eavesdropping on your messaging. And if you do find yourself in a position where you need to share a password or a credit card number via text, you’ll feel much safer knowing it’s encrypted.
Secure text messaging is best done with a specific app. I recommend TELEGRAM, as it’s free and easy to use. Just get everyone in your organisation to download it and set up an account. Then you can message to your heart’s content without fear of losing important information.
In the computer, I recommend ADIUM for Mac users and PIDGIN for Windows users, both of which let’s you chat with Gmail contacts, Facebook friends, and, all secure and encrypted. And for instant messaging from your phone, CHATSECURE has you covered, both on iPhone and Android.
How secure is SimplyPayMe App for business?
When it comes to card security with our SimplyPayMe online ecosystem, we take it VERY seriously here at SimplyPayMe.
SimplyPayMe App use STRIPE as our card processor, who are PCI Level 1 compliant, which is the highest rating in card security.Stripe processes all the customer card payments, and if they think something is suspicious, they will suspend payments and your account for security reasons while they investigate. This may happen even if you are taking legitimate card payments as when you first join the fraud filters are set very finely. However, there are ways to prevent this for occurring and so here are some tips on how you can avoid this:
Stripe is used by companies like Twitter, Kickstarter, Shopify and Pinterest and are one of the most trusted platforms in the world for secure card payments.
If you wish to show this to your customers, you can put this rosette on your website to indicate that you use SimplyPayMe App and that any payment that they make will be handled efficiently and securely:
Here’s some useful information which will give your customers some reassurance:
– When doing a face to face payments, let the customer hold your phone, check the amount and then press accept to the job. This gives them control over the transaction and allows them to see for themselves what the app is doing. Mobile card payment technology is very new to the market and this might be a person’s first experience using such a unique system, so it’s important to introduce it to them and walk them through it so there isn’t any confusion or anxiety.
– The card details are never stored on the device or on our servers. The long card number and expiry date is X’d out as soon as it’s scanned and is only present for that transaction. Neither SimplyPayMe App or the web dashboard have your customer’s card details.
– Stripe takes 7 non-working days to process a payment to ensure that no fraudulent payments are made through our system. This is all in the interest of security and protection for both the merchant and the customer.
Here are some more Do’s and Don’ts to secure your small business
Do give yourself a proper Company name, Business Name, and Account Name – “trader” or “plumbing” is too generic and isn’t easily distinguishable. Please provide proper names for you and your company and if you are a Sole Trader name yourself “(Insert your name)(Insert profession)”. Example: “Tom Banks Plumbing”.
Do try to use a proper business email address associated with your business website if you have one. Example: email@example.com. This shows you are a proper business and not just a generic Joebloggs@yahoo.com and a generic Business Name for your account.
Do verify your email and take any action on emails from SUPPORT@STRIPE.COM – they only email you important things so do keep a lookout for emails from them in your email inbox.
Do a test payment for £1.25 in your SimplyPayMe App account – the first payment takes 3 extra days (10 non working days) and taking a test payment will get this out of the way and also verify your bank account so payments will go through more smoothly later on and only take 7 non working days.
Do proper Job records including a Customer and Invoice especially if the card transactions are over £100. Adding customers and creating invoices with proper descriptions of the services or products you are providing will generate proper documentation of payments for both Stripe and SimplyPayMe App, and is also very useful for your own records and running a good business.
Do have up to date contact information on your account, including mobile number, email, bank account, address. It’s part of our (KYC) Know Your Customer rules which require you to have contact information that your customer can use in case there is a problem with a card payment.
Don’t take large card payments in quick succession as soon as you’ve created your account. If you use the same customer Credit or Debit card to take card payments in quick succession your account will be suspended and the card payments refunded back to the customer and you will be banned for this activity, as this is the most serious level of card fraud. If you need to take several card payments from one customer then click or tap ‘Create a Job’ then ‘Add a Customer’, then ‘Create an Invoice’, then ‘Add Costs’ and run the ONE card payment. If its a large first payment (over £1,000) then run the card payment and then email us the invoice so we can notify Stripe, and also provide any documentation or information required by Stripe.
It might sound like a lot of hard work, but getting your business set up to encrypt its data and use a next generation secure payment platform doesn’t take much time, and it’ll significantly increase your resilience to cyber crime. By encrypting your browsing to protect your passwords and confidential data, your local and cloud storage to protect all of your files, and your messaging, you’ll take a huge step toward your business and customers being safe online.