Episode 58: Protecting Your Digital Business
Show Notes
00:11
Hey, I’m Rob. I’m the CEO and Chief creator of mazing ideas, stunning digital marketing.com. I hope everybody’s having an amazing day. Today I want to talk about something really important. We have a saying in our business called it’s not a fuel be hacked. It’s one, and how do you recover? So what I thought I’d do with y’all is give you my, my broken down strategy on how to protect your business. It’s the same one we use in our agency. And you can also apply this strategy to your home life. And I really want to help you. So please take the time to listen to this amazing podcast. That’s really important. Now, before I move on, many people say, but Rob, you’re a marketer. What do you know about security, I spent 22 years in health care. I was the lead technician for client services for Sunnybrook Health Sciences Center in Toronto. I also provided end user support, and at the time I lived and breathed security, I still do today. Avoiding the online world is not proactive protecting yourself is. Now let’s move on to some things that you should do to make yourself more secure. Then we’ll move on to our update backup strategy. By doing these things, you’ll protect your business and be able to recover if you’re hacked. And by the way as exciting apply the same things to your home life. So still take note, please take the time to get a pen and paper and make some notes. You’ll want to keep this episode for reference and keep going back to it because there’s a lot of really good nuggets in it to help you at home and with your business. The first big tip is to use a password manager to manage your passwords. Our Password Manager choices LastPass but one password, and many others work just as well. It has a browser extension that works in all major browsers, Mac, Windows, Linux, it also has versions for the Android and the I OS for smartphones. Do not and I mean, do not use a book called passwords to keep track of your passwords. Many people do that with the book right beside the computer. And this is asking for trouble. One reason I do use a password manager is I don’t use the same passwords on multiple sites. And frankly, I use very complex passwords. This way the password manager remembers them for me, and I don’t have to remember them. And that’s a good thing. Now, I also suggest that you turn on two step authentication. This is really key. Also, do not use your cell phone as a second step via text messaging on. And you might ask why there’s a phenomenon called sim jacking. What sim jacking means is, the bad guy calls up your cell phone carrier and works their way around. So they they break down and send them a SIM card. And the reality of doing that is it gives him your SIM card he punctured in your phone, he’s got your phone number, they never text sent to your phone number. So that’s why I don’t suggest using you know, sim text messaging as a second step. Now there are some cool apps out there under iOS working with Google that does use your cell phone. Those are okay. I actually use what’s called the new wiki. It’s a security key that you pre authenticate. You need this plus the password to get into services or Troy Well, one caveat with Uber keys. If you’re going to use one, get multiple ones. If you lose one or it stops working, you have a backup to get into accounts. There’s also a service called Google authy. It does basically the same thing and works well. This is the first two steps in helping you minimize what happens if someone tries to hack you Password Manager two step authentication. So let us take you through the strategy for Windows 10 machine. We’ll talk a little bit about Windows seven. And then we’ll take you through a WordPress strategy. Window strategy. First thing is if you got windows seven, the last security fix came out on January 14 of this month. It’s now what’s known as E Ll or Ando life, as we call it for geeks. So what you really need to do is upgrade to Windows 10. And what I’ll tell you is Microsoft is off to servers turned on. So you should be able to do a free upgrade but I can’t guarantee. I know over the last couple of weeks I did summer nimbala did Kendall 14 and I didn’t have any issues to try. You have nothing knows. Make sure you keep your software up to date, including web browsers
04:59
and our offer now Data protect you from security. First, backup your computer on a regular basis. I suggest using two external USB hard drives. Frankly, they’re very cheap. Keep one on site NeXT Computer one off site away from your office, need to store it at a friend’s do so or colleagues or at home or anywhere where your computer is. Just copy your data to these two hard drives on a regular basis. Now, if you only want to use one hard drive, you can use a backup service like I drive backblaze or Carbonite as well. They work really well as well. The big suggestion I have is make sure you have tested the ability to restore files for free need to remember your backup is only good as the ability to restore. Now you might ask Do I really need to keep the backups off site? The answer is yes in case of a fire theft, or other natural disasters. Now this really covers everything I do for backups in the simplified manner except for photos. And what I’m gonna do because photo management and photo backups are different. I’ll cover that in the next podcast. So you want to stay tuned for that special episode. Because losing photos frankly, the prices Now let’s talk about WordPress websites. At styling digital marketing car.com we have over 200 websites on WordPress security care plans. We are your security experts. We’ve been doing this a long time. And we can really help you if you want that help. The following is a protocol that we use to backup and secure websites and minimize the chance that they may not be hacked. First thing is choose your web host very carefully. Our web hosts to choice these days is siteground have been with them for three or four years. Some other good choices are canasta cloudways WP Engine, and a few others, frankly, stay away from GoDaddy one on one or anything big governments international group owns touches or is near. They’re not really good to deal with. And even things like security which is now GoDaddy owned has gone down downhill. Managed WP for managing sites, which is GoDaddy owned has gone downhill. And so remember, your web host is party WordPress security solution. For agency we do the following. Never use Word admin as user ID turn on two step authentication to log into your WordPress site. Change the WordPress back end login URL, change the WordPress salts force complex password for any admin account. And frankly, we do manual manual, manual malware scans of all websites that we maintain on a regular basis. What is in our backup strategy, we backup every site we maintain once a day at minimum. Weekly we store the website backup for the week on an external storage drive and keep these backups for three months. The reason for that is sometimes you gotta go back a while to get rid of the vulnerability that’s been installed. Many times of vulnerability will be installed months before and then activated at a later date. We then run plugin updates for the site after a backup is done. At the same time we do WordPress core updates and theme updates. And we test the websites to make sure they function after being updated. The reason for software updates is they contain feature and security updates, so do them regularly. If a major theme plugin or core update comes out before our regular scheduled day doing updates, we do them anyway. And right away because they usually have security fixes in them. The problem is if you don’t in the script, kiddies write the scripts. And the vulnerabilities are known in the wild and your site could be vulnerable. So get them done as soon as you can. Now once again, I need to remind you to test your backups by doing a restore to a test domain before you really need to use them. And that’s okay, the back of the ability of the backup working is only as good as the ability to restore the data. Hope these strategies help you make your business more secure. If we can help you in any way, including taking over your backup process, please email us at VIP at stunning digital marketing.com. To be very frank with founders, many small business owners say I get all this stuff but they don’t have time to do it. Frankly, for a nominal fee, we’ll be glad to do it for you. We’re not really expensive and it’s worth every dime to protect your online presence. And then next episode of The STM show we’ll be talking about a solution for backing up a photo culture.
09:45
And stay tuned for that. I think you’ll enjoy it and I’ll talk about some management tips to manage it as well. As always this podcast dedicated to my late father Bruce Cairns. Keep your feet on the ground keep reaching for the stars. Make your business succeed. Ciao for now.
00:11
Hey, I’m Rob. I’m the CEO and Chief creator of mazing ideas, stunning digital marketing.com. I hope everybody’s having an amazing day. Today I want to talk about something really important. We have a saying in our business called it’s not a fuel be hacked. It’s one, and how do you recover? So what I thought I’d do with y’all is give you my, my broken down strategy on how to protect your business. It’s the same one we use in our agency. And you can also apply this strategy to your home life. And I really want to help you. So please take the time to listen to this amazing podcast. That’s really important. Now, before I move on, many people say, but Rob, you’re a marketer. What do you know about security, I spent 22 years in health care. I was the lead technician for client services for Sunnybrook Health Sciences Center in Toronto. I also provided end user support, and at the time I lived and breathed security, I still do today. Avoiding the online world is not proactive protecting yourself is. Now let’s move on to some things that you should do to make yourself more secure. Then we’ll move on to our update backup strategy. By doing these things, you’ll protect your business and be able to recover if you’re hacked. And by the way as exciting apply the same things to your home life. So still take note, please take the time to get a pen and paper and make some notes. You’ll want to keep this episode for reference and keep going back to it because there’s a lot of really good nuggets in it to help you at home and with your business. The first big tip is to use a password manager to manage your passwords. Our Password Manager choices LastPass but one password, and many others work just as well. It has a browser extension that works in all major browsers, Mac, Windows, Linux, it also has versions for the Android and the I OS for smartphones. Do not and I mean, do not use a book called passwords to keep track of your passwords. Many people do that with the book right beside the computer. And this is asking for trouble. One reason I do use a password manager is I don’t use the same passwords on multiple sites. And frankly, I use very complex passwords. This way the password manager remembers them for me, and I don’t have to remember them. And that’s a good thing. Now, I also suggest that you turn on two step authentication. This is really key. Also, do not use your cell phone as a second step via text messaging on. And you might ask why there’s a phenomenon called sim jacking. What sim jacking means is, the bad guy calls up your cell phone carrier and works their way around. So they they break down and send them a SIM card. And the reality of doing that is it gives him your SIM card he punctured in your phone, he’s got your phone number, they never text sent to your phone number. So that’s why I don’t suggest using you know, sim text messaging as a second step. Now there are some cool apps out there under iOS working with Google that does use your cell phone. Those are okay. I actually use what’s called the new wiki. It’s a security key that you pre authenticate. You need this plus the password to get into services or Troy Well, one caveat with Uber keys. If you’re going to use one, get multiple ones. If you lose one or it stops working, you have a backup to get into accounts. There’s also a service called Google authy. It does basically the same thing and works well. This is the first two steps in helping you minimize what happens if someone tries to hack you Password Manager two step authentication. So let us take you through the strategy for Windows 10 machine. We’ll talk a little bit about Windows seven. And then we’ll take you through a WordPress strategy. Window strategy. First thing is if you got windows seven, the last security fix came out on January 14 of this month. It’s now what’s known as E Ll or Ando life, as we call it for geeks. So what you really need to do is upgrade to Windows 10. And what I’ll tell you is Microsoft is off to servers turned on. So you should be able to do a free upgrade but I can’t guarantee. I know over the last couple of weeks I did summer nimbala did Kendall 14 and I didn’t have any issues to try. You have nothing knows. Make sure you keep your software up to date, including web browsers
04:59
and our offer now Data protect you from security. First, backup your computer on a regular basis. I suggest using two external USB hard drives. Frankly, they’re very cheap. Keep one on site NeXT Computer one off site away from your office, need to store it at a friend’s do so or colleagues or at home or anywhere where your computer is. Just copy your data to these two hard drives on a regular basis. Now, if you only want to use one hard drive, you can use a backup service like I drive backblaze or Carbonite as well. They work really well as well. The big suggestion I have is make sure you have tested the ability to restore files for free need to remember your backup is only good as the ability to restore. Now you might ask Do I really need to keep the backups off site? The answer is yes in case of a fire theft, or other natural disasters. Now this really covers everything I do for backups in the simplified manner except for photos. And what I’m gonna do because photo management and photo backups are different. I’ll cover that in the next podcast. So you want to stay tuned for that special episode. Because losing photos frankly, the prices Now let’s talk about WordPress websites. At styling digital marketing car.com we have over 200 websites on WordPress security care plans. We are your security experts. We’ve been doing this a long time. And we can really help you if you want that help. The following is a protocol that we use to backup and secure websites and minimize the chance that they may not be hacked. First thing is choose your web host very carefully. Our web hosts to choice these days is siteground have been with them for three or four years. Some other good choices are canasta cloudways WP Engine, and a few others, frankly, stay away from GoDaddy one on one or anything big governments international group owns touches or is near. They’re not really good to deal with. And even things like security which is now GoDaddy owned has gone down downhill. Managed WP for managing sites, which is GoDaddy owned has gone downhill. And so remember, your web host is party WordPress security solution. For agency we do the following. Never use Word admin as user ID turn on two step authentication to log into your WordPress site. Change the WordPress back end login URL, change the WordPress salts force complex password for any admin account. And frankly, we do manual manual, manual malware scans of all websites that we maintain on a regular basis. What is in our backup strategy, we backup every site we maintain once a day at minimum. Weekly we store the website backup for the week on an external storage drive and keep these backups for three months. The reason for that is sometimes you gotta go back a while to get rid of the vulnerability that’s been installed. Many times of vulnerability will be installed months before and then activated at a later date. We then run plugin updates for the site after a backup is done. At the same time we do WordPress core updates and theme updates. And we test the websites to make sure they function after being updated. The reason for software updates is they contain feature and security updates, so do them regularly. If a major theme plugin or core update comes out before our regular scheduled day doing updates, we do them anyway. And right away because they usually have security fixes in them. The problem is if you don’t in the script, kiddies write the scripts. And the vulnerabilities are known in the wild and your site could be vulnerable. So get them done as soon as you can. Now once again, I need to remind you to test your backups by doing a restore to a test domain before you really need to use them. And that’s okay, the back of the ability of the backup working is only as good as the ability to restore the data. Hope these strategies help you make your business more secure. If we can help you in any way, including taking over your backup process, please email us at VIP at stunning digital marketing.com. To be very frank with founders, many small business owners say I get all this stuff but they don’t have time to do it. Frankly, for a nominal fee, we’ll be glad to do it for you. We’re not really expensive and it’s worth every dime to protect your online presence. And then next episode of The STM show we’ll be talking about a solution for backing up a photo culture.
09:45
And stay tuned for that. I think you’ll enjoy it and I’ll talk about some management tips to manage it as well. As always this podcast dedicated to my late father Bruce Cairns. Keep your feet on the ground keep reaching for the stars. Make your business succeed. Ciao for now.
Google Podcasts
PocketCasts
Radio Public
Spotify
Stitcher
Apple Podcasts
Amazon Music
