Editor’s Note: Today’s guest post comes courtesy of PayPal as part of their continued efforts to support the growth of Chile’s SMB community.
Brett McDowell, Sr. Manager of Ecosystem Security for PayPal—leader in electronic payments—shares 9 tips to help entrepreneurs and SMBs prevent cyberattacks.
PayPal’s Safety Tips:
1. Ensure your email preferences are set to show the full email sender’s address. Many emails – only show the “display name” for who a message is “from” instead of the actual email address. Once you can read the addresses, you know who is a suspicious sender and who is not. So don’t open or reply to an email that comes from a suspicious sender, especially if they include attachments or links. These files can include viruses.
2. If you don’t need to share your sensitive data for your business on a website, don’t do it. Services likePayPal will store and secure sensitive payment information on behalf of its customers so they don’t have to share bank account or credit card numbers with all the websites they transact with. These type of precautions not only help you avoid information leaking out—but also allow you to focus on your business growth rather than business risks.
3. Keep a clean machine. All systems must remain clean from viruses/malware because these malicious applications steal your passwords and other sensitive information. Use anti-virus software from a reputable source and keep it up-to-date, along with all the software on the machine especially anything related to the web browser and its plug-ins.
4. Install a Firewall. Firewalls help you close off the ports that you don’t need to be open. You can be specific about what type of traffic you limit to your network. This step will also prevent hackers from tapping into your network as well as block suspicious websites.
5. Enforce smart password use. Every business needs to protect their information and passwords are still one of the most vital ways of doing this. A good password is memorable, uses a combination of lowercase and uppercased letters, symbols and numbers. For example, think of something memorable that happened to you, and represent it as three words. This makes it easy to remember for you, and hard to guess for hackers. Add symbols and numbers to make it even more secure. Don’t re-use the same password at more than one site.
6. Restrict and minimize employee access to sensitive data. Only select staff should have administrative access. Phishing attacks are customized to trick your employees into clicking on a link that would download malware to their computer. This is how many of the high profile data breaches of the past few years have been perpetrated. But the malware can only get access to what that user/system has access to. Every time you expand access rights, you also expand the threat surface you must defend. Keep access rights on a “need to know” basis and always require information security awareness training for those with access, including (and especially) company executives.
7. Make safety a priority. If you’re an SMB or large corporation, CEOs must take responsibility for security and collaborate with their IT departments to keep their businesses secure.
8. Protect your information, and that includes backing it up. You may also consider backing up your business’s vital information on a regular basis automatically, using a combination of vetted cloud and/or off-site backup so that your information is kept safe and your business is able to recover from an unforeseen disruption or natural disaster.
9. Auto screen lock – Ensure that screens are locked if there is no activity for a few minutes.
Global eCommerce and local initiatives are helping generate opportunities to the 1 million SMBs in Chile—but it’s up the business to apply safety measures. Applying PayPal’s 9 prevention tips can help these merchants focus on growing their business rather than dealing with a cyber-catastrophe.
