All, Blog, Cybersecurity, Payroll Vault, small business security


It doesn’t take a rocket scientist to answer this question. However, at what level does it need to be addressed? Enterprise level corporations have far higher protection against serious risks than small businesses that have less to offer (in regard to monetary capital), and less to lose. Nonetheless, you need to protect your business at any level of size and here’s a list of basics to get you started.

Keeping your software updated

Updates are released for software products all the time. It’s important to stay updated as older versions may become unsupported by the manufacturer, require patches for unsecure code, or eventually become defective. Is it possible for errors or other issues to occur with a new update install? Sure but unless you’re seeing major update issues posted on forums, it’s wise to install the update. If you’re unsure, you can contact your IT department or research what the manufacturer states in the release notes.

Is your password safe?

It’s good to keep your list of passwords guarded heavily in a password-protected document hidden where only you can access it. Most sites will give you prompts periodically recommending that you change your password. Take advice from Nike and “Just do it”. Make your password a tough password with a combination of uppercase, lowercase, alphanumeric characters and symbols. Don’t use the same password for everything. If your office uses a standard password for a login, make sure it’s gated and incredibly secure.

Social media risks

There’s plenty of social networking sites out there and a ton of social media content always flowing. Remember when all those Snapchats were leaked? A good rule of thumb is to know that nothing is TRULY safe and protected. Facebook even logs what you type even if you decide not to post it. With this in the back of your mind, don’t post or share items that may have the potential to hurt you or your company. Whether your post appears completely innocent or not, simply stay away from bringing yourself the added risk. Even if it’s a private workspace, log out after each use -it’s a good habit.

Avoiding scams

From false tracking numbers, to phishing sites and emails, scammers are becoming more creative in how they can get your information. Easy ways to identify scams when they look relatively legitimate are to:

  • Look at the hyperlink by hovering (not clicking). If it’s driving you to a different site, you are looking at a scam (scam hyperlinks will likely point some place else besides the actual company’s site).
  • Look for spelling and grammar. If it’s a scam, it will likely give itself away with misspellings or grammatical errors.

If it’s difficult to tell, consult with your IT department.

WIFI password protected

It’s common to have a secure, password-protected network. What may not be so common is having both an office Wi-Fi available for office and employee use and a separate network for office guests. Both should be protected with different passwords and only the guest password should be given out. It is also wise to change the password periodically.

Anti-virus/Internet security

It is very common for an office to have some form of anti-virus and Internet security. If you are a small business who loves do-it-yourself practices, either do your research or get an IT consultant to help you figure out the best software. Not all Internet protection is created equal.

If there’s a questionable file or site, don’t download or open it. You can always find sites online like that allows you to enter a URL or file to run it through their tests.

Physical theft protection

Without even thinking twice about it, employees may be exposing their company to potential information theft. If employees are writing down passwords and posting them at their desk or forgetting them, but keeping them in a public place, this creates a giant risk. If someone infiltrates your office, they’ve found a goldmine of easily accessible sensitive information. People don’t even have to sneak into the office. It could be a potential client visiting the office for a consultation to the night cleaning crew. It’s best practice to keep all passwords on a password protected document such as an excel spreadsheet. It’s also good to mix your passwords up for all of your various logins and also use a combination of uppercase, lowercase, symbols and numeric characters.


Many of these preventative measures may seem obvious, but that is why so many small businesses overlook them and can end up with a much larger problem on their hands. Be proactive in protecting your business’ information and you can be sure you’ll end up thanking yourself later.