Cyber Security

When It Comes to Startup Security, Strategize Like A Chess Master

Protecting your startup from malicious hackers can be similar to protecting your king from the enemy’s attacks in a game of chess. The similarity can begin with the way a chess grandmaster moves nimbly on the board with intent. He or she employs tactics (“short-term calculations to accomplish goals”) and a strategy (a long-term plan) not only to protect the pieces but also to capture the enemy.

If you are a novice founder, include cybersecurity in the list of things you need to establish in your first year. There is no reason to delay dealing with this issue. Avoid making the mistake of ignoring the challenges surrounding it. And make sure you tackle it with the mindset of a top chess player.

Here are 5 ways to help you get started:

Think ahead and plan

A cyberattack can halt your operations not only for days but for good. According to the US National Cyber Security Alliance, 60% of small companies closed within 6 months of a cyber attack.

The demise of Code Spaces, a source code hosting provider, serves now as a classic example. Hackers were able to gain access to its Amazon EC2 control panel and started to ask for a large sum in exchange of recovery.

When Code Spaces did not comply, the attackers deleted most of its data and other resources. The then seven-year-old startup was forced to shut down its services.

So think again. Shopping and setting up the best tools to improve your company’s security do not seem to be as high a priority as UX and product design. But you cannot risk losing your whole business because of a security crisis. Besides, clients today worry about online security as much as they fuss over system lags.

Master the opening, mid, and endgame strategies

Similar to the first, this point is about having a long-term plan regarding your startup security. It is not enough to say, “Okay, let’s try this service and see how it works.” Then you just replace it when it fails. For instance, two computer engineers identified vulnerabilities in 17 Indian startups collectively worth more than $10 billion. They concluded that “almost every startup here has security bugs.” It does not matter if you are one or 6 years old.

So how do you go about this as you are approaching 5, 10, or more years? Even Facebook has established a Bug Bounty Program. Planning to launch a mobile app soon? Set up security parameters early on. Or you will only make yourself more vulnerable than you think.

Be on the offensive and the defensive

In chess as in business, it is important to know who your enemies are. When it comes to cybersecurity, gone are the days when potential enemies would be disorganized and lack sophisticated tools to launch a devastating attack. From the get-go, you should concern yourself with protecting your organization from this kind of threat.

By playing the offensive, you are attempting to understand the plays and approaches of the attackers. You are also setting out to find your own vulnerabilities. Only after being on the offensive will you be able to develop barriers and fight off these malicious hackers.

Concentrate your efforts as an executive

Cybersecurity is a growing area of focus not only for businesses but also for governments. Even international organizations are treating it as a prominent issue. As a startup founder, it is not enough to leave it to the CIO. Take the time to look at online security, its nuances, and the changes surrounding it. Be a driving force, not just a signature on the budget approval form. Give your full support to the tech team members as they constitute an important aspect of your business.

Learn and outgrow yourself

Speaking of support, allocate resources for training your tech team. Encourage your employees to update their knowledge and skills by attending industry conferences and taking crash courses. Your security department should remain solid as hackers also make advances in their attacks. You depend on them as much as you do on the system they are in charge of protecting.

Aside from human resources, invest in infrastructure. Make sure you have the latest tools that will help you beat potential offenders.

Continuity is key in securing your online assets and services.

No comments
Jeremy WebbWhen It Comes to Startup Security, Strategize Like A Chess Master
read more

Top 5 Security Strategies for Home-Based Entrepreneurs from IoT Cyber Threats

The internet brought forth the age of home-based entrepreneurship. Whether you want to sell products online or launch an SaaS startup from scratch, all the resources you need are now accessible through your online browser. But as the world grows more connected through the IoT, enterprises big and small need to be craftier and more resourceful when it comes to cybersecurity.

According to statistics, that 60% of small businesses and startups fail within six months after being targeted by a cyber-attack. This means you should never skimp on security even in the early stages of your venture, especially now that skilled hackers can easily tap into the power of IoT devices to ignite all-out cyber warfare whenever they want.

But how can a startup that’s barely on its feet afford adequate security against the myriad of cyber threats out there? Simple – they need to focus on cost-effective security tools and DIY strategies to protect their data without breaking the bank.

1. Leverage Free DDoS Protection from Cloud Platforms

A DDoS or ‘Distributed Denial of Service’ attack is a major cyber threat wherein hackers attempt to bring a site down and deny service to its legitimate users. They usually leverage a network of infected computers, also known as ‘botnets’, to spam traffic and overload a website’s servers. As a result, you may lose several days’ worth of revenue and suffer a stained brand image for providing a bad experience to your existing customers.

Fortunately, you can easily deploy basic DDoS protection from providers like Cloudflare. Even with the free plan, your online business can have basic protection against cyber-attacks through SSL encryption and page rules. You can even take advantage of the free ‘Content Delivery Network’ or CDN to improve the page loading time for your online audience worldwide.

2. Utilize Encrypted Messaging when Working with Freelancers

Hiring freelancers is one of the fastest ways to mobilize your business plans. However, you need to be extremely careful when exchanging sensitive information online. To keep conversations private, you can use messaging apps with built-in encryption features like Telegram. Alternatively, you can enable encryption features in email clients like Microsoft Outlook.

In case your remote team prefers working in libraries, coffee shops, or any other public place, encourage them to do so via ‘Virtual Private Network’ or VPN. Doing so will prevent hackers from intercepting the information that they send and receive whilst connected to a public WiFi network.  

3. Use Parental Control Tools 

As a home-based entrepreneur, you may think that your children are the least of your worries when it comes to cybersecurity. But under the wrong circumstances, they could be the biggest physical and digital hazards in your home office. Apart from accidental spills and food droppings on important documents, children may also download malware into their devices unknowingly, which can easily spread to other devices in your network as they attempt to transfer files.

One way to childproof your home office and protect your data is to go paperless. For this, you’ll need cloud platforms like Dropbox or the G Suite. When it comes to their online safety, the easiest way to keep them protected is to use a comprehensive parental control software like Norton Family Premier. This will allow you to prohibit access to unsafe and inappropriate web content.

4. Implement DIY Smart Home Security for Physical Break-Ins

Home-based businesses typically employ professional security services to keep their assets safe from cyber criminals. While the initial fees of these services are more than reasonable, they often involve recurring costs that can quickly accumulate over time – from monitoring to the occasional maintenance.

Fortunately, there are now more cost-effective and lightweight platforms that can get the job done. With the help of IoT devices, home-based entrepreneurs can easily build their own smart home security infrastructure to protect against physical break-ins.

Here is an infographic that demonstrates the difference between DIY home security and traditional security services:

Infographic source: Ooma

5. Keeping Multiple Off-Site Backups

In 2014, Code Spaces – a UK-based SaaS startup – closed its doors after being hit by a DDoS attack and having their data on Amazon stolen by a hacker. Although not a lot of startups are prepared for such level of attacks, one of the main reasons why Code Spaces wasn’t able to recover is because they crammed all their backup data in the same location as everything else.

To avoid sharing the same fate, be sure to create multiple offsite backups of your important data. Doing so serves as a failsafe that will help you stay in business even after suffering a cyber-attack. In addition to creating backups to physical drives, you can also save your data through automated services to avoid the hassle of frequently creating backups.

No comments
Jeremy WebbTop 5 Security Strategies for Home-Based Entrepreneurs from IoT Cyber Threats
read more