Today, businesses run online applications more than ever, so it is important to pay attention to online security. Cybersecurity is a growing concern for business owners. The effects on your business or organization can be devastating if a system vulnerability results in a loss of sensitive data. Still many small and medium-sized business owners don’t take the proper online security measures.

In this article, you will find 5 common online security mistakes you should avoid.

1. Weak Password(s)

Weak password practices are the most common cyber security issue that businesses face- poor passwords are easy to crack. The three password elements that create vulnerability issues are weak passwords, reused passwords and exposure of passwords.

According to John Lewis, IT security, Risk Management 73% of online accounts are guarded by duplicated passwords. This is understandable because nobody wants to remember several passwords. Make sure you never use the same password for multiple accounts.

Once your login gets hacked, the hackers can access your other accounts if you use the same password for the accounts.

Here are a few effective methods to create a strong password:

  • Training and awareness is the most effective password security measure. You should train your employees on what the best practices are for password creation, use and sharing.
  • You should create an encrypted and randomized password. The service LastPass allows you to create that and manage the passwords from a single app, however, they still require you to create a strong password.
  • Secure your login with use of “Two-Factor Authentication.” It requires you to have a device in conjunction with a traditional password or PIN. By using both authentication methods, your logins are much more secure.

2. Not Encrypting Your Devices

Data theft is an uncomfortable reality for many online businesses. Losing vital trade secrets can set you back months or even years. According to PandaLabs, in 2017 the total number of new malware was up to 285,000 samples every day. There is not one filter to catch them all, so you must have a series of filters to protect your business. To prevent a hacker who accesses your local data from using it, you should encrypt your data and create backups.

Even if your data is hijacked by a hacker or malicious program, it will stay safe as long as you encrypted your data with standard 128-bit encryption (or better), because it is virtually unbreakable without the private decryption key.

Still, according to a survey by Kaspersky, more than 35% of companies worldwide don’t use encryption to protect their data.

Fortunately, setting up encryption isn’t very hard. Windows and OS X have built-in hard drive encryption software which you can enable with only a few clicks. For servers, the process is more difficult, but you can get the help of an IT expert or company to get started and train your employees in encryption and key management.

3. Not Installing a Security Plugin

Never ignore online security prevention, even you don’t have the technical knowledge about online security, it is possible to implement it.

Today, there are quite a number of high-quality plugins that can help make your website hack-proof. Some of the best in the business include iThemes Security, BulletProof Security, Sucuri Security.

It is very easy to install one of these plugins that will help secure your website.

4. Lack of Updating Software Regularly

Updating your software is extremely important. Don’t only update the WordPress core files but also all the active and inactive plugins and the theme you’ve got installed on your site.

As’s own security czar Nikolay Bachiyskis stated:

“Always complete updates as soon as you can and make sure to use strong passwords. Those two steps go a long way in keeping your site safe. If possible, I recommend enabling auto-updates. Also, when choosing plugins, check to make sure you are using a plugin that is regularly updated. You can confirm this by checking the changelog for a plugin.”

With features like one-click and auto-updates, it is pretty easy to keep all of the software up-to-date. This is extremely important because whenever software vulnerabilities are exploited, hackers are remarkably quick to abuse it to their advantage.

5. Installation of a Proper Firewall

Your hosting service has probably already installed a firewall on the shared-hosting server. Yet, it recommended to add another firewall to your website as an additional layer of protection.

The hosting service protects your system against many types of external threats by examining every single piece of code before it runs.

Nowadays, hackers have found creative ways to get around the already installed firewall. So, in order to create an extra level of protection, it’s best to add another firewall.

You will find a wide variety of firewall solutions online. Recommended is “Comodo’s award-winning Free Firewall” which will effectively protect your website against malware attacks, hackers and viruses.


Bill here from My blog is all about making the world of online security accessible to everyone. I pride myself in writing guides that I’m certain even my own mom could read! Be sure to head over to my blog if you’re interested in keeping your private information just that: Private!

Pin It on Pinterest

Share This