WE’VE BECOME USED TO SENDING E-MAIL MESSAGES, connecting to the Internet, and logging on to our office computers from the road. It’s such a regular part of our day that we don’t worry about whether we’re vulnerable to the same cyberpunks who hack into corporate computers or steal credit card information. Could it happen to you? Perhaps.
It turns out that just about everyone who exchanges files faces a growing security problem, especially if you answer yes to any of the following statements.
* You handle sensitive client data on your PC.
* Your business maintains data on a PC that competitors would like to know about.
* You offer clients or coworkers remote access to your home system.
* You send a credit card number over e-mail to make a purchase.
* You access the Internet or a client’s intranet.
* You regularly use e-mail.
Don’t be too alarmed by the last two items. The kind of Internet connectivity you make and the material contained in your e-mail messages determine whether you need protection. You don’t need to protect an e-mail containing the note, “Thanks, Mary. I got the information.” But if you send new business venture proposals or last year’s taxes on e-mail, anyone could potentially get access to that data.
Postcards, Not Letters “When you send e-mail, it is basically the same as sending a postcard from Bermuda to your Mom,” says Mark Gembicki, a security consultant. “Every ‘postman’ that touches that card can read it if he wants to.” Sometimes it’s not just the carders who can look at your e-mail but unauthorized hackers as well.
As with backing up riles, most small-business owners simply don’t want to address security issues until it is too late. But consider this: One small-business man told us that he e-mailed his credit card number back to his office. Later he found $4,000 in unauthorized charges on his statement from someone who had electronically intercepted his data.
Fortunately, there are a host of products on the market that can encrypt your e-mail and protect data on your hard drive.
Seth Russell owns Clickshop.com, a small business in Renton, Washington, that sells online shopping systems to other enterprises. Russell packages a complete software solution for small firms that want to create a presence on the Internet to sell their wares or advertise their services.
“When people buy things on the Web, they need to use a credit card–and the number has to get back to the merchants securely,” says Russell. He includes an encryption product called ViaCrypt in all his systems so that his customers can handle e-mail transmission of credit cards and other data without incident.
He also practices what he preaches. “If I need to send a password or anything sensitive to someone else, I always encrypt it with ViaCrypt. Then he can decrypt it on the other side,” he says.
Who Needs It You may not send out your password and credit card information every day, but you may have access to a client’s confidential financial information. What should you do? The best defense is a strong offense. Here are a few steps we recommend for any small business that uses e-mail or remote access.
* Use encryption on all e-mail that contains sensitive data. When in doubt, encrypt.
* Suggest to your suppliers and clients that you both adopt a common encryption technology. For as little as $29 per user, you can protect yourself as well as your client.
* Never offer remote access to your home computer system to a client without using encryption or other password protection.
* Make sure that sensitive files on your hard drive are encrypted.
Even if it requires a few more steps to secure files, encryption software is worth the modest cost and minimal inconvenience. Still not convinced that cyberspace isn’t anonymous? Visit the Center for Democracy and Technology (http://www.cdt.org) and click on the button marked CDT Privacy Demonstration. This online test will open your eyes as to how secure your Internet access is and how much random information is floating out there about you for hackers to track down. Then go out and use encryption on all your important e-mail and remote access. You won’t be sorry.