Published December 05, 2018
Have you heard? Another popular and seemingly trustworthy website has just been hacked. Quora, the popular question and answer forum which allows users to ask and receive answers about anything that comes to mind, reported a major data breach on Monday, December 3rd. Originally founded by two former Facebook employees, Adam D’Angelo and Charlie Cheever in 2009, Quora just announced that they have been hacked by an unauthorized third party and that up to 100 million user accounts (of their reported 300 million users) have been compromised. Forbes reported on this early this morning and you should really go ahead and read more about the details, especially if you have an account with Quora (and change your password!!!!).
In light of this situation, we thought we’d take a moment here to discuss a very important issue that all small businesses and freelancers have to deal with on a daily basis. One in which many of us forget or ignore due to the complexity and lack of time we all have for tasks that seem out of our control and out of sight. The safety and security of your business, company, and information is of vital importance, and so we reached out to our top internal security admin to ask what every small business owner or freelancer should know in order to protect their livelihood.
Here’s what we got:
1. Passwords are KEY:
When you reach out to a big corporation often times they respond with a pre-written script that The average person has upwards of TWENTY-FIVE accounts that they need to keep track of but only have about 6.5 passwords…..this is dangerous!
Use a unique password for each different sign-in you have. We cannot stress this enough! For each account, sign-in, login, etc, you must have a unique password. Common suggestions include: using 8-10 characters, including at least one lower and one upper case letter, using spaces and of course creating distinct passwords for each case.
2. Store passwords in a password vault:
So how can you possibly create or remember so many passwords? Use a password management app such as LastPass or 1Password. They only cost a few dollars per month for a single user and they store the login information and passwords for each account, website or pin you might have. They even help you generate unique and difficult passwords with as many characters, symbols and letters as you request.
If you get one of these apps for your company, you can share common login information through a shared vault and keep your own vault private. Just be careful to include only the necessary people in the shared vault.
3. Be careful where you connect:
Freelancers and remote workers, we’re looking at you! Who doesn’t love to go to their favorite coffee shop to enjoy a coffee and get down to work, or take advantage of your wait time while at the airport? With all the free WIFI hotspots around these days, we forget that free does NOT equal safe. It’s best not to use free WIFI or public WIFI networks when accessing sensitive information.
And in the office, set up a secure network that guests cannot access when they stop by the office.
4. Talk to your employees:
Educate your employees on how to handle sensitive material, where to connect their laptops and what sort of things they should NOT be using company property for. Let them know that surfing the net on their downtime, especially on unsecure sites can lead to a breach down the road. Instruct them on which applications should or should not be used and about safe email practices, such as scanning emails before opening potential harmful ones.
4. Software and updates:
Also inform employees that, although a bit annoying, updating software is very important as it may include a fix to a previous security issue. Potential hackers could know the ins and outs of older versions of software, so having the latest version is a good security measure.
Use a firewall (it should be offered with a good Internet route, so just turn it on) as your first layer of defense.
Lastly, choose a security software for further protection. If you don’t, you could pass malware on to colleagues, clients and customers without even knowing it- definitely not good for business.
Invoice Home is dedicated to the security of our clients. We have passed strict PCI compliance procedures, use only the latest and most up-to-date security measures, and work with other companies that also share our values and beliefs about the importance of securing our own systems so that we can offer you a safe and secure way to create and maintain your invoices. We know that invoicing is a vital part of your company and we take this to heart while we maintain constant surveillance on our networks.
Also, by using Invoice Home, and therefore a cloud-based storage system, you are defending your invoices and your small business as a whole from hard-drive crashes, infections by viruses or invoices simply getting lost/stolen in the mail.