Smart
selections when starting small can ease the pain as you scale up your company’s
privacy
If, unlike
enterprise customers, you don’t have six figures to spend, what are some things
you can do to protect your data that can scale as your business grows? Even if
you don’t plan on scaling to an IPO, but are looking for good, solid privacy
tech on the cheap, here are five ideas to help.
Multifactor authentication (aka MFA)
You don’t
have to go crazy here to get decent
protection: a sub-US$50
hardware authentication device (typically USB/NFC) from a reputable
manufacturer can really help you lock things down – and software choices abound
as well. If your company goes public and you need something bigger and more
complex, you can still use this technology at scale, and it’s very hard to
hack.
Password management
Here the
important thing is to PICK SOMETHING that has a good reputation for security.
They’re normally cheap or free and you can integrate the well-known ones with
larger systems, should the need arise down the road.
Email encryption
You don’t
have to be a rocket scientist anymore; you can download free or cheap software
like GPG that can be used to sign email communication, making it practically
impossible for an adversary to spoof your email … or you can fully encrypt it, so an
adversary cannot intercept its meaning … or both. If your email recipient
receives an email supposedly from you and it doesn’t have a cryptographic
signature, they should know something may be amiss.
Secure Wi-Fi router
You don’t
have to spend much more than the cost of a cheap home router to get something
that has really robust
tools, good vendor support into
the future, a good reputation for security and a wide user base. If you pick
enterprise names and look for their less expensive router models, typically
marketed for small business, they have security features you can scale with,
and they only cost US$50-100 more than the lower-end one you were planning on
getting anyway.
VPN
Encrypting
your traffic by default is a good way to steer clear of prying eyes when your
data is in transit. With modern virtual
private network (VPN)
software, it’s not terribly difficult to set up, some can even be set up to
connect automatically when you power up. Again, look for a supplier that has a
low-end option to what is normally considered an enterprise offering. Yeah, it
may not have all the bells and whistles like integration with authentication
through Active Directory, but later if you need it you have a chance of
integrating something you’re already familiar with and using it simply by
upgrading your license.
If you have
some of these pieces implemented and have time to get familiar with them,
you’ll already have a leg up if you have to scale. If you use them for personal
use and later get a job with increased security requirements, they’ll be happy
to know you’re already up to speed on these technologies. Even if they have
different systems, there will likely be many similarities with what you already
know. In the meantime, you’ll have more peace of mind without breaking the
budget.