As a business owner, it’s important to take information security seriously - not only for your sake, but your customers’ too. Allowing sensitive data to fall into the wrong hands can cause serious trouble for your brand reputation, or worse.
Today, we’re going to highlight some of the easiest and most effective ways you can protect your important accounts, online activity, and device data from prying eyes and malicious activity.
Don't worry - it's easier than it sounds.
1. Use a password manager
According to a Harris Interactive survey conducted for Password Boss, “59 percent [of respondents] admit to reusing passwords because it is too hard to remember them, and more than half of Americans (54 percent) agree that they need to change their password habits.”
When the security of your business and customer data is at stake, simple or reused passwords won’t cut it.
That’s why you should use a password manager.
Password managers work by generating strong passwords for the websites you visit and storing them in an encrypted vault with a single master password. This ensures that your passwords are not only uncrackable, but also that you’ll have a unique one for every website - one of the most important and effective security measures you can take.
Keepass and 1Password are two popular password managers you can use, but check out this article from Lifehacker for a full rundown on their top five.
2. Encrypt your online store
Traditionally, most ecommerce websites use SSL encryption technology to protect a shopper’s personal information during the checkout process. While the checkout process is secure, all other traffic to the ecommerce website uses the old, unencrypted HTTP protocol. This has been the common practice for about twenty years.
It’s time for an upgrade.
Last week we announced that all Shopify stores now use SSL encryption everywhere. That means no matter what page your customer is on, they’ll be browsing securely. You can now easily encrypt your online store by clicking “Activate SSL certificates” in your Shopify account or by using the yellow button below. Once activated, all your traffic will be redirected from HTTP to encrypted HTTPS.Encrypt your Shopify store
3. Enable two-step authentication
Enabling two-step (or two-factor) authentication provides an extra layer of security by requiring two pieces of information for every new login attempt: your account password, and a single-use authentication code received via SMS or authenticator app. This ensures that even if someone were to discover your password, they’d still need access to your mobile device in order to successfully login.
If you’re concerned about protecting your important accounts, enabling two-step verification is a must - and that comes straight from the president:
“In partnership with industry, we’re [encouraging] more Americans to move beyond passwords—adding an extra layer of security like a fingerprint or codes sent to your cellphone.”
Here are instructions on how to enable two-step authentication in Shopify. To learn how to enable it elsewhere, visit the Two Factor Auth List. If one of your favorite sites isn’t listed, use the built-in tweet functionality to let them know you’d appreciate the service.
4. Encrypt your devices
The security measures listed above are a great place to start, but in the event that someone were to gain access to your laptop or mobile device, many of them would fail to protect your data - especially if your passwords are saved or autofilled, or you haven’t set a lock on your phone. Now that you’ve secured your important accounts and customers’ online traffic, it’s time to look into encryption.
Encryption allows information to be hidden so that it cannot be read without special knowledge (such as a password). By encrypting your devices, you’ll ensure that your sensitive information is protected even if someone were to gain physical access to them.
Here’s how to get it done:
- Mac - Enable FileVault in your Settings panel.
- PC - Use BitLocker if your computer is compatible. Otherwise, use one of these alternatives.
- iPhone - Encryption is enabled automatically with your passcode.
- Android - Select the “Encrypt phone” option under Security in your settings menu.
That’s it! Your data can no longer be manually extracted from your device storage. Now it’s time for some basic housekeeping.
5. Update your software
While encryption is important, you’re far more likely to succumb to a software vulnerability than a physical one. The best way to protect yourself against software vulnerabilities is to ensure your operating system, web browser, and computer software stay updated, and to avoid clicking any fake or risky download links.
- Enable automatic updates in Windows / OS X
- Switch to Firefox or Chrome, two browsers that update automatically
- Don’t ignore Java or Adobe update requests - they usually contain important security fixes
- Install anti-malware software like MalwareBytes
Easier than you thought, right? If you followed through on the advice above, congratulations - your accounts and data are now significantly safer than most. If you have any addition tips on keeping your data safe, feel free to leave them in the comments section below.