A Scare Tactic That Requires Your Attention
Jupiter Research expects more than half of all data breaches globally will occur in the United States by 2023 — a scant four years from now. The cybercriminal impact is so serious that the FBI now has a “most wanted” list. Take a peek at fbi.gov/wanted/cyber to see if they’re your neighbor. And the small business sector is among the top four targets that hackers attack most frequently. (The other three are energy, education and health care.)
It’s digitally ugly out there and it will get uglier.
You might wonder about the “fear tactic” in this article’s lede. It’s not an accident. In decades of running an IT business, I’ve seen (almost) all of it, and I’m continually appalled by the failure of small businesses to implement even the most basic IT protection safeguards. And accountants are among those with the most to lose because they’re not necessarily the real target. Digital vampires want to suck the data from client lists because that’s what they feast upon.
There are also personal privacy issues. How much of your privacy are you willing to share or surrender? We know, for example, that some game developers and cellphone apps extract personal information, sharing it with advertisers and online tracking companies.
The good news is that the cost of protecting yourself and your business is modest when coupled with common sense. Recommended steps include the following:
- Create a security plan. This doesn’t have to be a grand plan; it might be a few pages. However, you must designate someone to both implement and review the plan annually. You have three choices: 1) delegate it to your IT person; 2) do it yourself; or 3) turn to an outside vendor who has security IT experience.
- Run a penetration test. Can you stand up to a hacker? This is the only way to run a test that will uncover any vulnerabilities. Everything else is a “maybe” or theory. Imagine playing tackle football but not making any contact. Not quite the same, is it?
- Build a virtual private network. It provides you with an “encrypted” tunnel for all your online activities. You’ll have an anonymous IP address while protecting your location.
- Backup. Old advice? Yes, but some businesses are still lax about this one. Do it frequently, but nothing is better than a twofold backup. One that is automatic and in the cloud and another that is a hardcopy and stored off-site. You’ll need this if you get hacked or become a victim of ransomware.
- Cover the camera on your computer. A slip of paper works. Hackers can enter via the camera and follow your keystrokes, for example. Goodbye passwords.
- Protect against viruses, spyware and other malicious intruders. Install anti-virus software and anti-spyware, and you’ll get regular updates automatically. Costs are modest, and software vendors provide patches and updates to fix security issues, while improving functionality. Most important, updates provide fresh protection as new viruses enter the digital realm.
- Browse safely. Ensure that all your browsers are up to date. This adds security and improves performance.
- Review your social media settings. Ensure that you’re sharing only what you wish. Facebook and Google let you opt out of certain options that affect personalization and tracking. Change default issues if you want more privacy.
- Secure your networks. Use firewalls and encryption. If you’re using a Wi-Fi network, keep it secure, hidden and set up a service set provider (SSID) to prevent identifying your network name. Password protect the router.
- Safeguard your internet connection with a firewall and encrypting information. If you have a WiFi network, make sure it’s secure and hidden. To hide your WiFi network, set up your wireless access point or router so it doesn’t broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.
If you detect a sense of urgency and intensity in this article regarding security and privacy, I’ve succeeded. My goal is to protect my client’s IT security and yours, too.
This article appeared in the January/February 2020 issue of New Jersey CPA magazine. Read the full issue.