If you’re starting your first company or just upgrading your systems at a business you’ve owned for years, there are a few tech security terms you need to know. Even if you think your mom-and-pop operation is too small for any criminal to bother breaking in (digitally, that is), the truth is that no business is too small to hack.
Whether you’re going digital or just want to improve your technical know-how, these are five terms you should be familiar with in 2016.
Even if your network and security systems are ironclad, you or your employees could still be your company’s biggest vulnerability. Social engineering targets people, not computers, to gain access to valuable information that could end up compromising your data. Criminals pose as supervisors or IT staff over email or the phone to try and fish for information like passwords, password hints or other login information so they can skip the timely effort of hacking and go straight for the easy access.
Even when your data isn’t at risk against criminals, it could still be at risk against corruption if you’re not automatically backing up your information. Use cloud storage solutions to automatically upload and manage your company’s data so you don’t have to stress what could happen to it on your local drives. And cloud storage, like most online data, is completely encrypted to the point where even the cloud computing service itself can’t peek at it.
Not too different from viruses, malware is software with the sole purpose of either damaging your network or stealing information from it. Common delivery systems include email attachments, downloads from the web or even something as innocent as a bad website. There’s plenty of anti-virus software available to prevent most malware attacks, but you and your employees should still follow the golden rule — if it looks suspicious or you just don’t know what it is, stay away.
Virtual Private Network
If you or your employees access your company’s network outside the office, you’re open to additional attacks in public Wi-Fi settings (such as a coffee shop or airport). But there is an easy and affordable way to shield yourself from prying eyes when sharing a network with others. A Virtual Private Network (VPN) uses a third-party IP address so that your activity is hidden from anyone using the same internet connection. The cost is pennies compared to what you could potentially lose in the event of a breach.
Two-factor authentication (2FA) adds another layer of protection to access codes both in and out of the office. The concept is simple: something you know plus something you have. What you know is your password, and what you have is a smartphone or token with a random six-digit code. Let’s say a social engineering or malware attack happened and now the criminals have your password. 2FA prevents them from accessing your systems even with the requisite information. Two-factor authentication sends a code to your smartphone or token when you login to your system, which asks for the code in return. This prevents criminals from breaking in even when they have the password.