We are well and truly involved in the holiday season now. For the small business owner in retail, of course, it means (hopefully) a crush of customers and transactions. And even the enterprise involved in non-retail business has to contend with an above average number of vacations and year-end summarizing and reporting.
Clients of the Illinois Small Business Development Center of McLean County at Illinois Wesleyan University (SBDC) are being encouraged to take extra steps at this time of year to beef up their cybersecurity. Consider it an early New Year’s resolution.
Cyber criminals will victimize small businesses to the tune of around 3 billion dollars this year if past trends continue. We all go to great lengths to lock and secure our vehicles and homes from unwanted intrusion. Why would we do any less to protect our customers, our financial information, and our identities from cyber-burglars who can cause infinitely more inconvenience and misery to our lives than somebody who perpetrates a physical break-in?
Above and beyond using common sense to avoid scams and phishing schemes, small business owners can take steps to improve their cyber safety by simply being smart and diligent about creating and maintaining strong usernames and passwords.
I know it’s annoying, but passwords should always be of at least ten characters and should combine special characters (&, $, @, etc.) with a mix of numbers, upper, and lower case letters. Key words or dates are not enough. Think about how easy it is to search the entire internet for a word’s definition. Super computers can try every combination of words in the dictionary as a “key” in your password “lock” in a matter of seconds.
One idea is to take a phrase like “Oh say can you see by the dawn’s early light” and translate the initials into something like “0ScUCbtD3l1tE.”
Remember in old movies when the soldier coming upon a sentry had to answer “Who goes there?” with the password of the day? Yes, they changed that password every day. You should routinely change yours and have your employees change theirs a minimum of every 90 days.
You should use different passwords for every application and supplier…