How small businesses can avoid a data security disaster like LinkedIn’s
By John Sileo,
Small businesses live and die by the quality of their contacts – specifically, the degree to which they care for and build trust with the customer, vendor and community networks that make them profitable.
This special “link” makes Wednesday’s social networking data breach particularly troubling to small businesses. After the leakage of a combined 8 million LinkedIn and eHarmony passwords, business owners are rightfully wary of the fallout. The greatest risks: phishing, extortion, and ultimately fraud or identity theft.
According to Javelin Strategy & Research, small businesses experience fraud 50 percent more often than individuals. So, not only are businesses more dependent on tools like LinkedIn for success, they are also more likely to be targeted by fraudsters using data like that exposed this week. Take it from someone who has been there – exposing sensitive business information can destroy everything you’ve built.
My identity was stolen through my business and used to commit numerous crimes, including embezzling nearly $300,000 from my clients. The thief operated using my identity, so I was held legally and financially responsible for his actions. Before I had the fortune and experience to write and speak professionally on this topic, I spent two years of my life just fighting to stay out of jail for crimes I did not commit. I lost my small business and aim to keep the same from happening to you.
Fortunately, there are simple tips to get you started on protection, but you must act quickly. Waiting to take action could threaten your firms’s survival and may have untold consequences.
• Immediately change all passwords on your social networking sites. Delaying this step could have disastrous consequences. Change your passwords now and repeat after a week or two as there is suspicion that hackers still have access to LinkedIn’s database.
• Protect your passwords and privacy. Using the same password on every site can easily expose your business to account takeover. Don’t use identical passwords on multiple sites as this gives hackers access to more than just one site. Instead, create unique, lengthy, alphanumeric passwords for each of your online accounts (social media, banking and otherwise). Change them regularly and consider utilizing password protection software to help you tighten security.
• Beware of new twists and don’t automatically click on URL links. Thirty percent of all computer viruses originate from “social spam” (spam delivered via social networking). These scams target users with seemingly legitimate requests, such as “click here to determine if your LinkedIn account was compromised”. Beware! Criminals will exploit your heightened desire for security after breach events. Your safest response is to deal directly with LinkedIn or eHarmony’s website, not with external emails or social media communication that promises help.
• To avoid extortion and social manipulation going forward, share carefully. Extortion is particularly an issue for eHarmony users, given the highly personal nature of the site. But small business owners also face extortion and deception. Sensitive data included in your profile can be used to develop a close and manipulative relationship with you or your contacts. To protect yourself, clearly identify what kind of business information should be shared on social networks. Don’t post confidential personal or business data, such as financial records, passwords, or anything else you wouldn’t want shared—even if you have marked the content as private. Once content is posted, we often don’t realize how far it can travel.
• Take this as a timely opportunity to guide employees. At the heart of most security failures is poor judgment, often due to a lack of awareness. Educate employees upfront by developing simple guidelines or a social media policy on the potential risks and ways to participate safely. Include personal and professional best practices, and teach your people how to avoid the latest scams. Opening their eyes to these risks goes a long way to protecting your business.
• Subscribe to a service that protects your small business from the impact of a breach. Small businesses must employ efficient solutions that deliver the highest potential return on investment. If your business data is breached, you will need help, which is why you should consider subscribing to a fraud and identity protection service such as EZShield Business Identity Restoration, offered by Deluxe Security Solutions. When set up in advance, these services provide a fully-managed recovery process handled by certified specialists. Restoration services minimize the devastating effects of fraud or identity theft by significantly reducing recovery time. In other words, you focus on your business while experts resolve your breach. I wish I’d had that type of best-in-class solution in place before my business got hit.
Small businesses that take the time to understand the dangers – and take action – will find that social media can be a customer magnet, building brand exposure and creating engagement with potential customers. A little education and action will help business owners avoid fraud, breach and exploitable social relationships.
Follow On Small Business on Twitter.