The Consciously Secure Entrepreneur

April 6, 2021April 6, 2021PurepointInternationalLeave a comment

The Consciously Secure Entrepreneur

I know…I get it! Security can be overwhelming, scary, and unpredictable. It can be risky just living in the world and navigating the minefield of checking emails without clicking on a bad link, let alone trying to a figure out all the things we need to do to protect ourselves.

Well, can the same be said about money. It’s there for us to hold, utilize, empower ourselves, and support our basic needs of shelter and food. When not given enough attention, some scary things can happen like missed payments, debt, or lack of savings. Thinking about how we protect our money, as well as our data and systems, is something we all must learn how to do in the digital age we inhabit.

Yes, money and security are, or can be, physical assets in our lives, but it’s also energy. Being informed and operating from a place to confidence can be the gamechanger in living the life you want, being consciously secure, and living a life of freedom.

As an entrepreneur, personal security and business security can run together. The Consciously Secure Entrepreneur is one who lives consistent, secure habits daily that are needed to run a secure business and be safe on journey of life.

Managing your own small business? Here are 5 ways to upgrade your security and privacy today to be on the road to becoming a Consciously Secure Entrepreneur:

Update your privacy settings in Chrome: This is not too complicated, but do set aside at least 10 minutes as you review these settings:

Pull up the Chrome browser.
Click the three dots (vertical row) to the right of your Google personal image at the top of the page (far right of the URL).
Scroll down to settings.
On the far right of the screen click on Privacy and Security. Here there are multiple things you can do:
- Confirm your password manager is active.
- Check if payment methods are saved. I would confirm its not saved in the browser but in the password manager.
- Can check your location settings, clear browsing data, and check your security settings (select the safest option for secure browsing).

Stop playing the “waiting game” on privacy. Privacy and cybersecurity regulations are increasing annually. As a Consciously Secure Entrepreneur, are you reviewing the type of data you collect, what you do with it, and how you protect it? The Global Data Protection Regulation, GDPR (privacy regulation in Europe), and the California Consumer Privacy Act, CCPA (effective January 1, 2020), indicate maintaining reasonable data security is no longer enough. If operating in regulated areas, you must determine how to align your business goals with privacy rights of individuals around the world. Adherence to GDPR (which applies to all businesses, large and small, that collect data on European residents), CCPA or PIPEDA (Personal Information Protection and Documents Act in Canada) is a must as well as understanding how it impacts the roles and responsibilities you have as a business owner. The European Data Protection Board’s recap of GDPR activities between May 2018 and May 2019 states 144,376 complaints or queries were lodged with EU data protection authorities during that year (The Legal Intelligence).
Do not use public WiFi networks: If you do, use a VPN (virtual private network). Try CyberGhost, Express VPN, McAfee, IPVanish VPN. When working remotely, at home or on a personal device, use VPN software to access business email. Avoid accessing business email from public WiFi connections.
Utilize password managers:Change passwords often. I recommend every 120 days – 180 days if utilizing tools such as 1 Password, KeePass, and LastPass to either store your passsswords, maintain longer passwords that you won’t need to remember directly, and to create passwords for you.
Understand the importance of a Business Continuity Plan: As an entrepreneur, do you think you think you need a Business Continuity Plan. A Consciously Secure Entrepreneur would say yes! What if there was a cybersecurity incident, a major health issue, a natural disaster, or even a pandemic (oh no!)! Do you have an employee, or consultants, who work with a company critical system, or data, that may need a back up plan for access if there was a concern? If that occurred who is their back up and how will your company continue to operate? Thinking though all of this is critical for Consciously Secure Entrepreneurs.

You don’t have to be a security professional to protect your information, but you do have to be consistent. Taking steps now to document what challenges are occurring is a way to prevent these same challenges in the future. The good news is you can start today.

Jessica Robinson, CEO of PurePoint International, and works as a Virtual/Outsourced CISO to middle market business in financial services and insurance. You can reach her at jessica@purepoint-international.com.

Consciously Secure Living: Privacy and Social Media

April 17, 2020December 2, 2020PurepointInternationalLeave a comment

As the pandemic stared there is no doubt people connected more online, though various mediums, as a way to build community. The question that remained in regards to some platforms was “How much is to ‘too much’ information to share?”

It’s important to have an awareness of what information is important to keep private. This varies by person, but an individual’s overall understanding of long-term impact also varies by age and level of awareness. For example, the younger the person the more likely they may be willing to post more information about themselves online.

Jessica was featured in this Bustle article that covers good information any individual can consider when posting on social media. This may specifically be of interest to parents, in thinking about their children, and those who live alone.

Enjoy this article by Kaitlin Wylde.

March 13, 2020March 19, 2020PurepointInternationalLeave a comment

As C-level leaders, is your team prepared to work remotely SECURELY?

The Coronavirus (COVID-19) has impacted communities, events, travel, and the economy. It’s also impacting data and cybersecurity in your business! It’s one thing for an employee to work from home two days a week. It’s another thing for ALL employees to work from home for an extended period of time. The question you have to answer as a C-level leader is whether your company can withstand remote working indefinitely AND still maintain the confidentiality, integrity, privacy and availability of data?

Here are the top three considerations for C-level leaders to NOT let the Coronavirus impact data and cybersecurity in their businesses.

1. The Importance of a Business Continuity Plan:

Do you have a full Business Continuity Plan in place today? Perhaps, you have a Disaster Recovery Plan for your information systems? When was the last time that Plan was reviewed and updated? Like with cybersecurity, C-level leaders have a tendency to wait to implement these Plans until there is a pressing matter that requires them to do so. For example, a cybersecurity incident, a regulation, a natural disaster, or even a pandemic!
Do you have an employee who works with a company critical system that is out and not able to perform their daily functions? If that occurred who is their back up and how will your company continue to operate?
Taking steps now to document what challenges are occurring, to update or create your Plan, is a way to prevent these same challenges in the future. The good news is you can start today.

2. Teleworking securely: Are we ALL actually able to do this SECURELY?

This is a difficult time to realize that you have a legacy finance system that makes it hard for an account payable employee to do their job while working remotely for an extended period of time.
How is your VPN – virtual private network? Is your team able to connect to your intranet securely? Are they able to access company or client data in the most secure way?
What if your employee needs to print confidential data? How do they do that remotely?
Are you all communicating quickly and efficiently with the communication tools in place? For small companies a secure text may work, but what about 50+ employee organizations? Having a secure messaging system that can communicate with employees efficiently, and consistently, with the ability to receive responses is critical.
Authentication: Is there multi-factor authentication for ALL systems? These are all things that need to be considered and enabled.
BYOD – Bring Your Own Device: Are your employees working on their personal devices with confidential company documents or client data?

3. Should we wait until this virus settles before we do more on cybersecurity?

There are “already” so many things to do, so why add cybersecurity or continue to execute cybersecurity best practices if it “makes our job harder?” I am sure no company will get a “pass” by a regulator or client, if they have a cyber breach and the company says “Yeah, but our employees had to work from home because of the coronavirus,” or “Did we really have to meet the deadline for the NY Department of Financial Services regulation or NY SHIELD Act during the pandemic?” This type of thinking will only keep you in fantasyland. The truth is…this is hard, the hackers don’t stop. For C-level leaders, this is what it means to run a business in 2020 and beyond.

The sad truth is there is not a “one size fits all” approach to cybersecurity when suddenly ALL employees are working from home during an unexpected event. Though there are similarities in securing systems and data a tailored approach is needed.

As a C-level leader, you don’t want to make your Compliance leader or HR leader’s job harder than what it needs to be. Putting the team first during this time means making their job easier, which means making your job easier. Neglecting cybersecurity or data protection during this time is a recipe for failure and, other than a sick employee, the last outcome you want as a result of this pandemic is a data breach.