In the field of online reputation management, even simple mistakes can wreak havoc on your reputation, so you learn quickly that you need to be prepared for the worst-case scenario. You’re prepared for problems such as bad Yelp reviews or Twitter scandals, but have you thought about cybersecurity problems such as data breaches or identity theft? What happens if hackers access your private documents and publish the results? Are you doing your best to secure your online assets to prevent digital disasters?
The danger of a cybersecurity breach is twofold: not only can it cause a leak of reputation-damaging information, but having a data breach at all can make your company look unprofessional and untrustworthy and drive away potential customers. Luckily, an ounce of prevention is better than a pound of cure, so you can get started on preventing data breaches today, and sleep more easily knowing that your reputation is even safer.
We’re going to go through a list of the security basics that you might not be considering when you’re focused on your reputation. Afterward, let us know in the comments what you’re going to do differently to keep yourself and your reputation in good shape!
Step 1: Choose good passwords
Good password “hygiene” means choosing a secure password and then doing the necessary regular upkeep to keep it secure. A secure password should stump hackers who try out millions of possibilities to crack your account. It should:
- Contain both capital and lowercase letters
- Include at least one number
- Include at least one symbol (if allowed)
- Avoid dictionary words
- Avoid identifying information (such as your date of birth or anniversary)
A simple strategy for coming up with very secure passwords is to begin with a phrase. For our example, we’ll use the phrase “an ounce of prevention is worth a pound of cure.” We can take the first letter of every word and combine them with numbers for a password that’s both hard to crack and possible to remember, like “a0oPi5WaPoC!” It’s a good password as well as a good reminder!
To make sure your password stays secure, avoid using it for other accounts and make sure to switch to a new password every few months. Otherwise, someone who hacks one account can easily access all the rest of your accounts! Also, make sure you never record passwords in a digital document or on paper. If someone comes across it, whether by accident or on purpose, they won’t need hacking skills to access your account!
All of these criteria can make keeping your passwords straight seem impossible. Luckily, there are trusted password services, such LastPass, to help you out. LastPass creates a password vault for you that you can access with one master password. It will fill in password fields for you automatically, as well as help you come up with new passwords that fit the criteria above. 1Password is another option as well.
An additional note: never share your passwords. If you need to collaborate on a document with someone, use a service such as DropBox or Google Drive to authorize them as an editor without sharing passwords. If you absolutely must, LastPass will allow you to share passwords in a completely secure way. Never send a password by text, message or email, even if it’s encrypted!
Step 2: Only allow account access to those who absolutely need it
As we briefly discussed in the section on passwords, making sure your accounts are only accessible to those who absolutely need to access them is critical to managing both your cybersecurity and your online reputation.
Restrict access to only those you trust and those who absolutely need to directly access your account. Even if you trust someone to never purposely sabotage you or your information, you should restrict access as extraneous access. It can allow hackers another avenue into your data.
For example, never give someone the ability to edit your blog just so they can post a guest article. Instead, let them send the document to you and post it yourself. Your assistant’s WordPress account can probably safely be authorized to edit your blog, but your intern probably doesn’t need to have that ability, even if you think they’re perfectly trustworthy.
This is another security practice that requires upkeep, as the list of people who should have access to accounts can change. For example, what if an employee transfers to another department or leaves the company altogether? If there is any suspicion of animosity, it is especially important to remain on top of this practice. Make sure to go through your accounts every few months (maybe at the same time that you’re updating your password) and cull everyone who doesn’t need to be allowed to access them.
Step 3: Keep all devices and software updated and secure
When it comes to your devices and the software you use on them, you probably only think about updating when something goes wrong or you want a new and exciting feature. However, most updates are actually security fixes.
If a program’s developers learn of a security hole, they’ll release a patch as soon as possible. If you want to keep your devices and accounts safe, you will download and install those updates as soon as they’re out, or you’re leaving yourself open to security holes that are already fixed!
However, when you update your software, you need to be careful. Fake update downloads are a favorite strategy that hackers use to encourage you to install something that’s actually harmful. To make sure your updates are legitimate, only accept downloads that come from the software itself. If you get a pop-up in your browser or an email instructing you to update something, ignore it and mark it as spam. If you want to double-check its legitimacy, you can do so by opening up the software and finding the update information, usually under the “Help” menu.
Step 4: Educate your employees and colleagues
Unfortunately, the number one threat to your cybersecurity is the humanity of the people on your team. When it comes to both cybersecurity and reputation management, a well-meaning mistake or simple oversight can cause just as much (or more) damage than those who are out to do you harm, like hackers.
Anyone who has access to your devices or accounts can accidentally create an “in” for those who want to access your financial data, account passwords or other information. If you’ve already minimized the number of people who can access your accounts, your next step to maximize your safety is to educate everyone on how to keep themselves and others safe.
There are many ways to educate people on the most important tenets of cybersecurity. You can arrange meetings and seminars, schedule e-mailed reminders, hang posters and create policies, just to name a few. Get creative and it will pay off in better security for everyone!
Additionally, you can remove some of the human element of security threats by using a Virtual Private Network (VPN).
Step 5: Use a VPN
A VPN is a subscription service that, for a small fee, will greatly improve your security. VPN technology was invented to help employees access company networks when working remotely, but now it’s put to use in a variety of security applications. A VPN will create a secure tunnel from the source of data to its destination, as well as encrypting every individual unit of data that passes through that tunnel. It will make your devices immune to most of the common hacking methods.
Using a VPN is especially important in companies and other situations where multiple people and multiple devices are accessing the same accounts or information. If you want to eliminate some of the possibility of human error, you can mandate VPN use, or simply install one on the company router. That way, all information gets sent through it, practically eliminating the possibility of hacking.
What will you be doing differently to manage your reputation now that you know more about cybersecurity? Let us know in the comments below!