Is your business ready for the holiday season?, Tuesday Tech, Published by SRQ Daily Freshly Squeezed Content Every Morning – Tuesday November 3, 2015

03 November 2015,   By ,   0 Comments

Every business should take extra steps to safeguard its customers’ information and protect business technologies from hackers. It is always a good practice to change passwords at least 3 times a year. Make your password hard to crack. Good passwords should include both uppercase and lower case characters, special characters (like #$%! etc.) and be at least 21 characters long. You can find a few good online password generators (https://lastpass.com/generatepassword.php). If you use a password generator, make sure the passwords are generated on your local device such as your laptop or desktop instead of your handheld, and to be extra safe, change a few of the characters in the auto generated password before you use the new pas sword. A strong password would look like this: “g8T06^P4h&Jw@5X*8Aa79We.” Using a phrase with numbers replacing some key text characters is also a great idea.

A strong password is important to protect personal information and business assets online. Using a different password for each unique web site login that is long and has multiple types of characters (numbers, letter and symbols) will help protect you and your business from someone hacking into your accounts.

Make sure you have a current and up-to -date back-up of all customer information, which is located on your server or customer database. Purge any stored credit card information. The best practice is to simply not store credit card or payment information at all. Consider placing your sensitive information on a secondary computer with a second layer of protection. If possible, segment the information or databases into groups by states (example – Florida, New York, etc.) and keep the information encrypted and current.

Store your back-ups off-site by signing up to a cloud service or tape backup and then manually remove the tapes from the property to a safe off-site location. Have an emergency plan in place for different scenarios. Identify one person as your point of contact and have a communication plan. Set up a private Twitter account accessible only to your executive level staff, who can quickly send out alerts should any information breach occur. Make sure all SSL certificates are up-to-date, and update or change all encryption keys.

Example of an emergency plan. 

Pre plan – work up some scenarios and have communications ready to send that deal with the following five items:
1. Denial of service attack;
2. Attacking of sensitive information
3. Security breach of website, outdated software, badly programmed application;
4. Security breach of credit card information;
5. Web hosting server ceases to work or crashes

Emergency execution plan

Designate a lead contact person. Create an alert system internal to your business. A “private” Twitter channel is a good inexpensive solution. Have a team of legal advisers, security experts and programmers available to act if you must respond to an alert. Run through some of the above scenarios. Know your legal responsibilities in the instance of a breach. Find and remove the malware or define the security breach and remedy the problem. In case of a breach, immediately change all passwords and if possible perform a server level lockdown of all ports.

I know most of you think you will never deal with any of these problems. Unfortunately, the facts are that your data will or has already been targeted. If your website is online and accessible through the Internet, you’re already exposed. The last thing you need to worry about when you’re on vacation are any of these issues creeping up. Taking some simple steps now and doing some preventative maintenance goes a long way towards giving you a measure of security. And the timing is perfect.

Have your website creative completed and time implemented on your website. Technology exists today to allow you to create a season-specific theme for your website that will automatically launch on a given date and expire and revert back to the non-holiday look automatically. Upating your website for the holidays sends a message to your customers that proactive and aware of their needs. Designate a specific section of the website for holiday specials, rebates and coupons. Install analytics and tracking software to make sure you’re getting the most out of visitors to your website.