Security continues to be an important topic relating to all things digital, both for individuals and online businesses. Breaches in security can happen through a variety of means, and one recent ransomware attack that affected the UK National Health Service has a lot of people asking how they can protect themselves and their businesses.
Security Basics
Citing the Information and Privacy Commissioner of Ontario, Kathy Tomaszewski writes on the Clausehound.com blog that there are four main groups of precautionary tactics that you can use to maintain digital security:
• Physical measures (e.g., locks, alarms);
• Technological measures (e.g., password protection, encryption, use of firewalls);
• Organizational measures (e.g., contractual duties like on a need-to-know basis, use of security clearances); and
• Checking to make sure these measures are kept up-to-date and any deficiencies are being uncovered, documented and addressed.
It’s important to think about all four of these as you assess your digital security, but technological measures can encompass quite a lot. Below are some guidelines that job board owners can use as part of protecting their job boards.
Individual Security Measures
McAfee.com recommends some basic measures that can significantly decrease your risk of being hacked, including:
Using “Smart and Strong” Passwords
Many websites and software tools require you to have certain types of characters in your password, such as numbers, mixed cases, and special characters. McAfee recommends using a variety of characters, while others argue that long but unique passwords are better. I’m not exactly an expert in passwords, but I think the key here is aiming for difficult-to-guess passwords, and not use ones like “password” or “asdf123”. And if you think your password has been compromised, change it. (But be sure to update it on the proper channels, checking that the website is secure and that the URL is correct.)
Be Smart with Email and Messages
This bit of advice can cover a lot of ground, but it’s one of the most important. We’ve all heard the story of receiving an email from a Nigerian prince who needs your help with his bank account, but some phishing tactics and emails are trickier than that. Think twice before you click on links or email attachments you receive from unknown sources. Pay attention to email addresses and domain names – sometimes scammers will use domain names that look similar to legitimate ones, using typos or subdomains. If in doubt, Google the proper URL and check against the one asking you for something. This advice goes for messages you receive on social media as well.
Only Make Purchases on Secure Sites
In the URL bar of your web browser, a secure site is indicated by a little padlock icon and uses “https://” instead of “http://” at the start of its web address. If it’s not there or the padlock is open, the website may not be secured using a Secure Sockets Layer (SSL) certificate. An SSL certificate makes sure that information passed between the web browser and the server is encrypted and securely transmitted. This is particularly important when purchasing anything online, as credit card information and other financial data should never be sent through channels that are not secure.
Protecting Your Job Board
Job boards come in all shapes and sizes, and your security tactics may depend on the tools and software you use. Here are a couple important guidelines to follow:
Update
For online businesses, one of the most common pieces of advice given is to update your tools and software, including your web browsers and operating systems, as new updates often come with security patches. Not keeping your tools and software up to date may leave you vulnerable.
That said, your ability to protect your job board and your users may vary depending on what type of technology you use. Those using proprietary web software or software purchased and deployed without access to regular updates may need to do a bit of extra work. If your platform or technology vendor provides optional updates, make sure you update. If you work with a SaaS solution, they should be pushing updates to your software on a regular basis, including security patches.
Back it Up
Regularly backing up your job board website and its data is an important task. In the event that something happens to your job board, you can quickly restore it to the most recent backup with minimal disruption to your users.
Again, if you’re using a proprietary solution 0r use software that does not include regular updates (or you are otherwise handling the hosting yourself) – you may have to do some research and set-up on your own to make sure that you have a system in place that performs regular backups, and that those backups are accessible to you.
If you’re working with a software provider who is responsible for your web hosting, check with them to confirm that backups are performed regularly and their frequency.
Online security is an ongoing endeavour that requires a mix of common sense, awareness, and proper technical set-up. The advice listed above isn’t comprehensive, but following these basics can do a lot to minimize your risk.