Do you keep all your eggs in one basket?What is important for your finances is also important for your online security.
Every legitimate financial adviser will tell you that investing in only one stock or type of investment is a recipe for disaster. Sure, if you only have to follow one stock, you can always and easily know your position, but knowing you're broke doesn't make you less broke.
So you diversify. The actual way you should diversify is a function of your age, your tolerance for risk, your goals and special circumstances, like family medical needs, etc. But diversification works and over time, diversification pays off.
You wouldn't have to diversify if everything always went just fine. You diversify to mitigate the impact of things going wrong. And someday, things will go wrong. That's not being pessimistic. It's being realistic. We buy insurance, don't we?
For the past 25 years, there's been quite a bit of press about hacking and online account information being stolen from businesses. But for every Sony case, there are thousands of individual losses that we never hear about. Just because we don't know about them, doesn't mean nobody was hurt. So how can you make sure that if one of your accounts get hacked, the rest don't get hacked and you don't get wiped out?
2. Online storage accounts
3. Your servers
1. Diversify your passwords. Using the same password for your Facebook account that you use for your online banking account is not a good idea. Use different passwords. To keep things simple, you can probably make a few rational compromises, like a shorter password for your online newspaper account than for your stock brokerage account. That's not a problem if you are aware of the risks and potential for loss. Also, if remembering all those passwords is a problem (and it is for everybody), consider a service like LastPass to both remember and really diversify your passwords.
2. Diversify your online storage. Services like Dropbox are great for collaborative work, but because Dropbox adds a bit of code that resides on your computer or iPad, and because you may not be sure of the level of security sophistication of your co-workers, be careful of what you upload, who has authority to see what, and for how long that authority will be valid. For more sensitive information, consider a service like SafelyFiled, designed not for collaborative work, but to securely store and share documents.
3. Diversify your servers. If you have an on-site server running your business, you may not want certain information on it. For example, if you use the server for customer accounts and many people in your office have access, perhaps your company's financial information and employee records are best kept on a separate machine somewhere else. Or, if you want to give your clients access to certain documents, don't give them access to your servers, but give them access to a completely separate system.
Just doing your security diversification once isn't enough. You have to keep at it. You probably review your investments periodically to make sure they still make sense and your diversification plan is still valid for your circumstances. Do the same for your security diversification.
Here's the good news
While the skills of the hackers continue to increase, the good news is that we are all more aware of the risks and there have been quite a few advancements in security. With a bit of diligence and a good diversification plan, you can prevent a hacker from wiping out your business.