If you're looking to start or expand your business via the internet putting encryption and cyber security measures in place before you start is a must. You need security for your business and your customers or clients. Without it trust and goodwill will suffer. Learn about what security covers, areas to address and what it might look like for your business.
Survey Your Business Technology and Secure It
Before you can protect your business and your customers from cyber threats, check over and size up what you have and what you need:
- How and where do you use computer technologies? In your business, or to do business, e-commerce, for example?
- What system and equipment types do you use? Desktop computers, servers and/or mobile devices such as laptops for sales and field staff?
- Do you have multiple locations and need to connect via a network?
- Your business may be subject to laws or regulations with compliance and security requirements
Your business may engage in online sales, keep customer or client accounts and profiles or even have community or forum areas where users can share information. Information is moving back and forth, and it needs to be secured. How? Encryption.
Scrambling Data and the Secure Socket Layer
The basic idea of encryption is to scramble data so third parties can't view or intercept it. Secure Socket Layer (SSL) is the system for encryption. SSL relies on action by both sender and recipient to exchange data securely. You know there's SSL protection by the padlock at the bottom of a web page, or by an address beginning with https:// - what you see depends on your browser.
A server and a user's browser work together via encryption keys, called public and private keys to encrypt and decode information. There are different levels of encryption; 128-bit is the encryption type suggested. Less secure types, such as 40-bit may be vulnerable to hackers.
Get an SSL Certificate
Your business will need an SSL certificate to offer secure communications; buy one from a certificate vendor or authority, such as Verisign. This digital certificate has a public key and owner information, and serves to validate credentials. There are tools to allow you to create an SSL certificate, but this type can trigger browser warnings and isn't as credible. From here, the public key, and private key, on the user's end, encode, exchange and decode data.
You might use SSL certificates on your web site, for communication between servers, mobile devices and to secure internal messages.
Cyber security may seem like an added burden on your business, but you can't ignore it. Once you're "secure" you can continue focusing on your business's core mission, and solid security may even help you succeed.
Questions for Your Attorney
- Can you help me with cyber security planning and risk management for by business?
- Can you review the contracts between my business and technology service providers?
- Do I have to use the latest security methods to avoid possible liability for a security breach?