Protect Your Online Business: Minimizing Cybersecurity Risks in a Remote Environment
Learn how to prevent Denial of Service attacks, phishing emails, ransomware and complacency to avoid significant damage to your business reputation and client's privacy.
Cybersecurity risks can do significant damage to your business. Not only do they risk your own time, money and information, but they can also be harmful to your customers. The Marriott breach that made international headlines several years ago compromised the personal data of hundreds of millions of people.
Your remote business probably isn’t operating at quite such a large scale. Nevertheless, if you lose people’s private information, it will come at the cost of your clients, and your reputation. You don’t want that.
READ: How to Minimize Cybersecurity Risks and Balance Customer Friction for Your Online Business
The remote business problem
Remote businesses are not necessarily uniquely vulnerable to cyber threats save for one factor — they do not have a brick-and-mortar location, so every action you make takes place online. This gives you more vulnerability.
With no centralized location, you are subject to your team member’s decisions. The phrase “you’re only as good as your weakest link,” definitely applies here.
Hackers don’t need very much to get in. One mistake even from a low-ranking member of your team can be all that a bad actor needs to gain access to your entire system. Once they are in, it’s an enormous amount of trouble trying to get them out.
Denial of service attacks
Denial of service attacks aren’t as destructive as they are disruptive. Basically, DoS attacks flood your computer system with hundreds of thousands of fake requests. While your computer is overwhelmed, it can’t function the way it is supposed to.
Even a relatively simple denial of service attack can knock you out for several days. They also may require professional intervention. DoS mitigation companies can set you back hundreds of dollars, further increasing the damage done.
Most people think that they are above phishing emails. You know that if an African prince writes you up asking for money, you’re better off politely declining their request. But what if Amazon writes in to tell you that your preferred payment method has been declined on your Audible account? Or if Microsoft writes to let you know that they are currently processing your subscription renewal payment for $1000?
These emails look like they came from brands you use and trust. The fonts and formats are the same. The email addresses look legitimate. But they are designed to trick you into handing out sensitive information.
In your right mind, you probably know that Microsoft doesn’t just charge people $1000 for no reason. However, when you get that message saying you’re on the hook for a huge bill, it naturally initiates a panic response. You don’t think clearly, and you make mistakes.
READ: Prioritizing Cybersecurity When Building Your Company Website
Ransomware attacks hold your computer or personal information hostage in exchange for money. These attacks usually target large businesses or even countries, but private individuals and small businesses have been known to experience them as well.
Of course, there’s no winning here. People who would break into your computer and demand money can’t be trusted to leave you alone once you pay them. It’s almost always better to repair or replace your system once it falls victim to ransomware.
This may sound like an “only you can prevent forest fires,” type of line, but it’s true. Complacency is the biggest threat to cybersecurity for small businesses, and even for powerful organizations and countries. Almost all of the major breaches that you hear about in the news happen because someone got careless.
Well, ok. Not actually all of them, though. For example, I read about this thing that happened in Ireland a couple of years ago. You wouldn’t—
You must mean when Russian hackers broke into Ireland’s national health network? They locked the government out of their own computers for months and published hundreds of people’s personal data online as part of a cyber terrorism initiative.
Yeah. Terrible stuff. But you can’t blame complacency for something that big.
Oh no? It happened after a relatively minor-ranking government official opened the wrong email. We could go on and on naming specific examples, but you’ll find the same story playing out time after time. People let their guard down, and they forget to exercise their usual caution. It’s common, and it’s also catastrophic.
Don’t let that happen to you. Stay on top of your cybersecurity risks to help keep your business going strong. You don’t have to be a software engineer to make sensible cyber-security choices. A little common sense can go a long way toward protecting you and your customers.
Andrew Deen has been a consultant for startups in a number of industries from retail to medical devices and everything in between. He implements lean methodology and is currently writing a book about scaling up business.