Data Security for Pole Businesses: What It Is, Why You Need It, and How to Get It (Part 1 of 2)

Data security is a big deal these days. Open any news app and you’ll likely encounter an article about a data leak or breach. These articles can be super overwhelming for those with little to no interest in computers, or with a million other things vying for their attention.

You’ve probably also heard rumblings about the mysterious “dark web” where people can buy and sell anything, including your business’s identity. Even if you have identity monitoring, you’ll want to have good cybersecurity practices in hopes of stopping an account takeover before it starts.

You may be thinking “my pole business is too small for anyone to want to steal my identity.” This is objectively untrue. Maybe you don’t have as much as you’d like in your business accounts, but the people who steal other’s information don’t give a f*ck about overdrawing your account.

So, if you’re a human with a bank account, you want to read this post.

Data Security Basics

First of all, you’ll want to protect your data. 

Best practices are: to get a phone number, email, and PO Box just for your business. Most small businesses will start out using the business owner’s personal information for incorporating the business, but think about how many people in your life have that information, and how many times it has been leaked over the years.

Making a new email address on sites like Google and Yahoo are completely free. If you choose Google, you can also create a GoogleVoice number for free. You can also look into affordable mobile options like Boost Mobile or Mint Mobile.

If you want to be really safe, you’ll get one number/email for the business where customers can contact you (that is different than your personal phone and email) AND one number/email to use for all your business needs like incorporating and banking; that way you won’t be giving potential login information to all your customers. (There is so much more to this that it really is its own discipline, people have written books on it).

Also, in the US business incorporation paperwork is publicly available, and there are multiple sites that aggregate that kind of data making it even easier for people to find.

You’ll also want to have strong passwords. 

Strong passwords are: not easily guessed, contain upper case, lowercase, numbers, and symbols, and are at least 12 characters long. That sounds like a lot, and it is, but programs exist that iterate through common passwords and all these things add complexity, making it harder for the programs to guess your password. Since your account is likely the admin for your site, it has the 🔥POWER 🔥.

An unauthorized person gaining access to your account gives them unauthorized access to all accounts.

Also, make sure the answers to your security questions/password recovery questions aren’t things that can be found online. The most common security questions are easily answered with a google search or peak on social media.

Have you ever answered one of those “look at this fun questionnaire” posts? Talked about your pet? Posted your high school reunion photo? Geotagged your wedding photos? These are all common security questions and we let the answers to them leak every day.

The best advice I ever got for this was to come up with fake answers to these questions. Maybe you went to Fairfax High School but the answer you give the security question is Sioux Falls Prep (is this even a real school?). Just make sure you remember the fake answer you gave.

Get an offline password keeper to ease the cognitive load of these simple security questions. Some online password keepers have been hacked in the past. Keeping an offline version with a master password that only you know (and will remember) is the best option.

IPIA’s resident cyber security guru likes KeePass XC. It will create passwords of varying complexity for you (following the rules above and more stringent ones if desired/needed) and allows a comment box that can be used to store the fake answers you came up with for your security questions.

Some people use a password protected spreadsheet, or worse, a regular spreadsheet, to track their passwords. These are not encrypted. In the case of the non-password protected sheet—anyone can get to that.

For a password protected spreadsheet—those are a little trickier to get into, but these days kids are learning more coding than their parents generally did, including how to see data in a protected sheet without the password.

If a 12-year-old can get past your security protocols, your protocols aren’t strong enough for your business (sorry, not sorry).

Whew! That’s a lot to get started with! In Part 2 we’ll go “beyond the basics” for digital data security and also talk about some physical data security protections you’ll likely have to deal with as a pole business owner.