The better way to sell online

Common security mistakes small businesses make

Cyber crime happens every 39 seconds on average, so being online won’t protect you against someone breaking into your business. These are four of the most common mistakes small businesses make when it comes to data security, and how you can keep your business safe against them.

1. Not using 2-factor authentication

81% of cyber security breaches happen because of weak passwords, so even though frequent password changes and waiting for verification on your phone can be annoying, it could save you thousands of dollars.

Password managers can help you manage this problem; tools such as Last Pass use encryption to keep passwords safe, even when you’re dealing with multiple clients or need to access your passwords from a different device.

That said, password managers are still third-party tools, so although they can keep your passwords safe, they can also be targeted by cyber criminals. That’s why security experts are increasingly recommending 2-factor authentication as the default method.

2. Not making use of VPN’s

In this week’s second article, we wrote about how to keep remote employees engaged: but it’s also vital to keep their (and your) data secure.

If you’re not sure how your remote employees are accessing the internet, or if they’re doing so in public spaces using public networks, they could be at a higher disk for data breaches.

Setting up a secure VPN can create remote data portals which securely send information back and forth, meaning your employees will be able to access your systems more easily and won’t have to keep sensitive files on their own computers.

3. Not having an emergency plan

If the worst-case scenario does happen, how will you react? Studies show that businesses which plan for the unthinkable bounce back much faster and experience less client/customer dissatisfaction, so it’s well worth making a contingency plan.

Having backup servers and systems, frequently backing up your content, having proper barriers and monitoring systems – these are all things which can help you navigate a potential attack.

If you’re not sure how to best protect your business, take the time to meet with a cyber security consultant: they’ll be able to walk you through your strengths and weaknesses, and how you can better protect yourself.

4. Not training employees

1 in 8 employees accidentally installs some virus or malware each year. Scamming systems have become so complex that even if you email a client back asking if their attachment is legitimate, the systems can send you back a verification email that it is (which is why 92% of cyber attacks occur via email).

Even if your business doesn’t deal in highly secure data, hackers could still access it and damage it: making sure your employees are up to date on their training could save you all a headache.


Addressing cyber security honestly and openly, and training your employees in correct email use, internet access and password authentication processes can make your business stronger and safer.

- Lena Klein

Bring your store to life with ShopFactory.
ShopFactory is the easy way to create mobile friendly websites and online stores.

Mobile mode