As an business owner, you must take cybersecurity very seriously and protect your digital assets, whether your domain names, websites, social media accounts, cryptocurrency or personal/client data – anything that’s accessible online serves as an avenue for being compromised.
With the world shifting towards remote work, creating more access to data & currencies that’s normally unavailable – without the bare minimum of security measures, you risk being hacked and jeopardizing years of hard work.
This post is not only for people that have a business online, this applies to everyone who exists online.
Even if you are a regular internet user, you want to avoid someone stealing your passwords and breaking in your accounts.
This is such an important topic that we decided to not only give you our perspective but also reach out to 26 cybersecurity experts & businesses who operate & hold digital assets and ask them to share their expertise with us.
We asked them the following question:
What are your best hackproofing tips for owners of digital assets?
We received a lot of valuable and very useful tips. Keep reading to see what the experts had to say.
Aaron Hatton – Cybersecurity Research + Innovation
Whilst you will never get to the point that you are “unhackable”, there will always be a chance of your data being leaked; Practicing good Cybersecurity hygiene, can help massively.
The first thing to think about is do you have Anti-Virus software on your computer? A common oversight for many, which can cause their computer to become a victim of Ransomware attacks or Trojans.
When it comes to browsing the internet, enabling Multi-factor Authentication (MFA) on all of your accounts, and making sure that your password for each site is different can be a huge improvement. A password manager can help keep track of all your passwords in an encrypted vault for you, so you only need to remember one!
The final step? Trusting no one, treat every website you use, every email, call or text you receive with an ounce of suspicion. A little bit of paranoia can help keep you protected when online.
Aliza Vigderman – Security.org
Use encrypted storage: Store your digital assets in a vault with end-to-end, AES-256 bit encryption.
Create strong passwords: Protect your storage account with a strong and unique password that you don’t use for any other online account. The password should have special characters, letters, and numbers, with no repeated characters, and 12 to 16 characters total.
Add advanced authentication: Add two-factor authentication or multi-factor authentication to your storage account. That way, even if someone knows your login credentials, they won’t be able to log in without the passcode sent to your mobile device or your biometrics like your fingerprint or facial identification.
Use VPNs on public Wi-Fi networks: If you need to connect to a public Wi-Fi network, hide your digital assets and online activity by connecting to a VPN, or Virtual Private Network. This will hide your device’s IP address, as well, making you less susceptible to hacking.
Use antivirus software: To protect against cyber threats like ransomware, spyware, adware, and other forms of malware, install antivirus software on the devices where you store the digital assets.
Sage Driskell – The 20
No matter how advanced security solutions get, the human element is still the weakest link in virtually all security setups. It doesn’t matter how good a lock is if the person on the other side opens it willingly.
Social engineering is effective almost 100% of the time without the right safeguards and is one of the greatest sources of successful breaches. The threat has gotten more and more severe with deep fakes and the sheer volume of leaked credentials and data.
Gaming giant EA was compromised by a mix of social engineering and $10 of stolen cookies.
We created a process to take the human element out of authorizing access to systems and to assist users. A single password reset for the wrong account, or leaking the wrong bit of data can result in the complete compromise (or even destruction) of an entire business.
Hackers rely on the weakest link to get access, and a single foot in the door is enough to push the rest of the way in. If you stop social engineering, you stop the easiest and most common way to become a target.
Shawn Waldman – Secure Cyber Defense
While no individual or company can be completely safe from cyberattacks, there are steps companies can take to make it more difficult for cybercriminals to gain access.
Looking at recent hacks, the point of entry is often an endpoint device such as a laptop or IoT device that has been compromised. The main reason most endpoint devices have been hacked is due to a vulnerability that wasn’t patched, combined with a user being logged in with admin rights.
To combat security weaknesses, companies should implement encryption on laptops, enforce security patching schedules, harden images to improve cloud security, and adding Endpoint Detection and Response (EDR) systems to their security stack.
Companies also must evaluate who actually needs administrative rights, particularly from a remote computer or device.
Computers are naturally set up for convenience rather than security. Cybercriminals seek out vulnerabilities and rely on companies choosing convenience over basic security approaches such as multi-factor authentication (MFA) or not staying up to date on security patching.
Definition: Harden Image – Hardening is the process of strengthening a system to reduce its exposure surface and attack vectors. Hardening focuses on images sent by the cloud that are often unsecured and open for exploitation.
Jesse David Thé – Tauria
The best and only way to truly hack-proof your digital assets (crypto) is to have them stored offline in a cold wallet.
Whether it’s Bitcoin, Ether, or Dogecoin, pretty much all cryptocurrencies have cold wallets that you can download and print or write down on paper.
With your assets off-line, there is no possible way that they can be hacked conventionally since they are not connected to the internet in any way.
However, it has to be on a physical paper to be hack-proof, since if you try to cheat and take a photo of your cold wallet keys with your smartphone, then it’s back online again!
Chris Muktar – Wiki Job
Today’s world is digital, which implies digital assets are all around us.
Most people engage with digital assets millions, if not billions, of times during the day, from the images on their cellphones to the films they watch to the files they keep in the clouds and more.
Simply, a digital asset is a piece of content that has been stored digitally. Pictures, photographs, recordings, text-based files, databases, and PowerPoint decks are all examples.
As a business owner, it is important to have these digital assets fully proof.
The best tip that I could advise is to update the security regularly. This is to prevent unsolicited malware or people from penetrating your digital assets.
Eric Dingler – In Transit Studios
Keep your website, email accounts, backups, and domain registrations at four different quality service providers.
Cheap hosting that offers all four may be convenient and attractive because of the price, but when that account gets hacked you can lose control of your website, email, and domain access.
And once you lose access to that one account with your backups, getting a restore of the site can be impossible.
By keeping these and other digital marketing assets at various service providers and using unique passwords and other login security best practices even if one gets hacked, you haven’t lost control of the kingdom.
Jessica Rhoades – Create IT Web Designs
There is no 100% guarantee that you will not be hacked with your website. You can take steps to mitigate the risks.
Make sure you are on a good host or have a good hosting provider that will take care of a hacked website for you. The high-speed host that we use automatically includes quality website security as part of the hosting plan. They also include free cleanup of a hacked site.
The second thing you can do is to make sure you keep your WordPress version, theme, and plugins up to date. Update existing plugins and if a plugin is not updated regularly consider changing to a different plugin.
Last, I recommend backing up your website regularly. In some cases, you can go to a prior backup.
James Idayi – Cloudzat
Technology is ever-evolving and so are cyber threats. It’s best to be preventive than reactive.
Conducting monthly preventive system maintenance and pushing security patches regularly to company computers and mobile devices would be your best course of action.
Second, educate everyone in the organization on the current threats such as the current trends in phishing.
There are a lot of malicious messages present out there waiting to infect your organization’s digital assets.
Martin Luenendonk – Founderjar
As an online business owner, it is critical that I safeguard my digital assets because if they are hacked or compromised, my company will be gone.
There are a lot of nasty people on the internet who could wish to hack into your digital assets and steal them from you, and no one deserves that.
That being said, here are my two best hack proofing tips for owners of digital assets:
Use a strong password. The only way for these hackers to have access to your digital assets easily is for them to obtain your password. That is why you should never use a password that is personal to you or that can be easily guessed, such as birthdays or names of any family members, because they are the most common and weak passwords.
Use only the most trusted web hosting. Your web hosting company really matters on the security of your digital assets because they are handling your sites and making them live. That’s why you should only use trusted web hosting that will make your hard-earned assets secured.
A. Elliot Olson – Studio Anansi
Here are three of my BEST hack proofing tips to protect digital assets:
Use an app to create and store secure passwords. You likely manage your digital asset by logging into a platform, such as your website or an online shop. It’s easy for hackers to crack simple passwords, especially when it’s something obvious like “admin” or “password.”
Use a combination of letters, numbers, and even symbols to create complex passwords. I recommend apps like LastPass, which can generate and securely store unique passwords for each of your accounts.
Enable two-factor authentication. Even a strong password isn’t always enough. To further lock down your security, enable two-factor authentication (2FA) whenever possible. 2FA is a more secure way to log into your website and online accounts.
Normal logins require a password and username. 2FA requires a password, username, and unique code that only you can access.
Never share sensitive information (such as logins) over public wifi. Using public Wi-Fi is a huge security risk. Only use trusted networks such as your office or secured home system.
If you must use a public network, make sure you use a VPN or other security measures to protect information sent over the public Wi-Fi.
Well, protecting our digital assets is critical.
Consider all of the time, effort, and effort you’ve put into creating and building your website, writing content, developing your course, recording video tutorials, and marketing your material.
Wouldn’t it be a tragedy if your website was compromised?
And how I protect mine is simple yet effective. I begin with a solid foundation, when it comes to security, you should always start with a solid foundation.
Your computer or laptop serves as that secure foundation.
If your computer or laptop has been compromised, securing WordPress may be the least of your concerns because a hacker may have access to your financial accounts, email accounts, and so on.
I usually use a safe web hosting service.
Devon Fata – Pixoul
Hackers look for loopholes and weaknesses in your security, so make sure to always update your software.
These updates will help keep you protected and keep your hackers a step behind. It is also important to have secure Wi-Fi.
Make sure that your router is in a good location and if it gives you the option of encrypting your data, do it.
Enable a firewall and limit Wi-Fi access to your employees. The best way to keep hackers out is by being proactive.
Wayne Roye – Troinet
You may have not given much attention to “hacking” until you have been a victim of one such as your credit card has been abused, your email was hacked, you lost customers’ trust because of a breach, you got stiff fines, your reputation was marred, among others. Here are our best tips:
1. Conduct regular assessments and reviews;
2. Insurance review;
3. Back-up and disaster recovery plan;
4. Strong password and two-factor authentication policies;
5. Take heed that native email security is not enough. Consider email security;
6. Cyber Security Training for Employees.
Chris Worrell – Privacy Bee
Invest in password managers.
Lots of cyber users do not pay attention to passwords they use to protect their accounts from possible hackers and cyber-attacks and regret them later.
As they took them for granted and used low-quality passwords like their birthdays, house numbers, addresses, and reused passwords, they exposed themselves to more digital threats.
My best tip? Invest in password managers like bitwarden and dashlane to efficiently take care of your security. They can generate differentiated and not-easy-to-crack passwords for all your digital accounts.
They are more reliable than the free password managing services since they are dedicated software that specializes and focuses on managing passwords.
Just a heads up, watch the information you share to retrieve passwords like your father’s name, your best friend’s name, and so on as they may cause trouble later on.
Ashley J. Saunders – AJS Digital Group
Many hacks occur due to poor security, so it’s worth checking weekly if any system updates are available and then applying them. Even a small lapse in keeping core software and hardware updated can make you vulnerable.
Another element to bear in mind is backups. Even if your provider makes daily backups, it’s worth weekly download an offline copy. This way, you’re protected in a range of situations from a provider error, to hacking and user error.
You’ll also want to stay up to date with the current trends of hacking and solutions to these attacks. As my mother says, prevention is better than the cure. So you’ll want to stay on top and up to date!
Jen Willden – Ranksey
The two most common ways that hackers are able to gain access to your website are also two of the easiest to prevent. Our agency designs our websites exclusively on WordPress.
Often times hackers will wait for WordPress updates and read through the list of items that were patched. This gives them the tools to exploit websites with installs that are out of date. That’s why the number one most important counter-hacking measure is to update WordPress, Themes, and Plugins being used on your website.
Another way that hackers are able to infiltrate websites is through repeated login attempts. It sounds simple, but using complex passwords and installing plugins like limit login attempts also goes a long way in preventing an attack.
Another way to prevent malicious attacks on your site is to frequently check it for Malware, which can easily go undetected until it’s too late. You can use a free tool such as Sucuri SiteCheck to scan your website, but it’s even better if you afford a security plugin that includes Malware scanning and a firewall.
Hamna Amjad – Physicians Thrive
Here are the top four ways weensure that our digital assets are safe and secure.
- Don’t use the same password formultiple websites. If one of your accounts is hacked, all your data is at theattacker’s tips. 52% of people reuse their passwords across multiple websitesand apps. [SOURCE: http://bit.ly/2s3Dn5C]
An app called LastPass can be used to protect passwords and can generate strongerones.
- You should always enabletwo-factor or multi-factor authentication. In the absence of this securitymeasure, even a newbie hacker can easily hack your digital assets or access anysensitive information.
- Always use a VPN (Virtual PrivateNetwork). This will provide an extra layer of security, but businessstakeholders can also use to remotely access a protected network from anyInternet connection. I use this chrome extension called Touch VPN. It’s easyand free to use.
4.. Never Install unauthorized orfree security software. Many harmful executable programs and software downloadsautomatically from the internet. Beware and never be a victim of thesemalicious softwares. Therefore, keep machines, web browsers, and operatingsystems clean from viruses and malware by using only trusted developers likeGoogle Play and Apple App Store.
Number one on my list would be to use a password manager for all your passwords. There is a myriad of password managers to choose from like Abine, 1Password, LastPass, and Dashlane.
Invest in this software and make sure to use Multi-Factor Authentication with your password manager. Remember, this is the one and the only password you’ll have to remember.
Tip number two is to enable Multi-Factor Authentication on all your online accounts. MFA is when you receive a text message or use an authenticator app to receive a random code when you log in.
I recommend using an authenticator app over receiving a text message when you sign in as this is a much more secure option.
My third and last tip isto limit your online footprint by closing and deleting unused online accounts. Using a password manager can help you audit all your online accounts.
If you have an old eBay or Amazon account that you are no longer using, then close and delete it. This will help reduce your overall online footprint that could potentially be a vulnerability.
Jessica Taylor – Lead Nerds
I have a few tips for digital asset owners:
1. Use the most up-to-date hardware, OS and software on your devices.
2. Make sure your backups are full and recent.
3. Keep your passwords private and secure.
4. Don’t share your social media account details with anyone who you don’t know or trust.
5. Use a password manager to encrypt and change passwords regularly.
Jacob Fitzpatrick – Fitz Designz
Alongside making sure you have a secure password that it not easy to guess, we always recommend setting up two-factor authentication also known as 2FA.
2FA is the process when the user receives a one-time passcode via email or text message after successfully logging in with their username and password. This passcode is used to confirm the user’s identity.
Typically, these 2FA codes are sent when the system identifies a login attempt from a new device that has not been used to log in with in the past.
This means that a potential hacker who attempts to log in to an account via a remote device, won’t be able to gain access unless they also know the passcode sent to the user’s personal phone.
Eric Keith – Black Storm Roofing Marketing
As a digital business owner, these are the digital assets that I should protect and make sure that they are hackproof because this can bring my business down for good. That’s why as for me, I have invested in different things to protect my digital assets.
That being said, here are my two best tips for hack proofing digital assets:
1. Choose the safest web hosting service. A web hosting service provider is where you store your website and its data. That’s why you should meticulously choose the best and safest web hosting service provider.
2. Protect your machines. The easiest way for hackers to get into your digital assets is through your machines. That’s why you should protect them physically and digitally by using strong passwords.
Todd Ramlin – Cable Compare
Anything from documents and images to spreadsheets, data, and beyond are digital assets and if they’re connected to the internet in any way they’re at risk of being hacked. As a manager of an eCommerce company, I’m always looking for ways to better protect our digital assets.
The first step in hack proofing your digital assets is knowing what you have so start by taking an inventory. Your list should include your website, social media accounts, customer information, business processes, images and apps that you’ve created, and any intellectual property.
Weak security is the number one way hackers get to your stuff so make sure your operating system and the apps you use are up to date. If you use wifi, make sure that you’re following all the best practices to stay secure.
You’ll also want to limit access to digital assets to only those who need to have access and keep employees up to date on how they should be practicing cybersecurity.
Another way to add an extra layer of protection is by implementing a 2-factor authentication system to further verify who is trying to access your digital assets.
Finally, consider taking out a cyber insurance policy. While insurance can’t prevent hacking, it can help you recover if your assets are hacked. The bottom line is that no digital assets are 100% safe from hacking but with a little vigilance, you might be able to fend off attacks.
Farzad Rashidi – Respona
Have a backup.
The best way to protect your digital data is to have at least two copies of it in an external hard drive or something similar, one copy onsite and one offsite.
If the unthinkable happens, you’ll always have time to send out the remaining copy for recovery before disaster strikes. It’s also wise to keep your passwords locked with 24-hour timed automatic login after a period of neglectful disuse (this prevents guessing attacks).
Hackers don’t need to know what you’re storing — just make sure that they can’t get their hands on it!
Petra Odak – Better Proposals
The first thing you should do is limit the access to your files. Not everyone needs to have access to all digital assets, so keep things on a need-to-know basis and restrict access to the files which are really important to your organization.
On top of that, try and use a password management application such as LastPass or 1Password. That way, you can safely share passwords with your employees without actually copy-pasting the password and sending it through Slack or email.
Last but not least, always use two-factor authentication. We all use multiple devices to log into our accounts and with 2FA, you make sure that if an attempt at a breach happens, the account stays protected with another device.
Chris Johansen – Anttix
Make sure your website has an SSL certificate.
If you’re going to use a WordPress or Drupal CMS be sure security headers are properly installed.
If you’re going to use a CMS make sure the site is updated with the most updated security module or plugin.
Test and test again for any weak points that can be taken advantage of or manipulated.
Make sure the site access passwords are hexadecimal and long 15 characters and up and never use the same password on the site or hosting access.
Thank you so much to all the experts that shared their advice with our readers!
If you learned at least one useful thing from this article, then please share it with your friends and followers on social media.