How to Legally Protect Your Online Business

Paul Estcott, Contributor, Business2Community

As a business owner, your biggest responsibility is to make sure that all operations run smoothly and you limit risks. In other words, you have to do all you can to not get sued and hacked. A digital security survey conducted by Symantec, with slightly worrying statistics, emerged in 2012. According to it, a whopping 83% of small businesses operated without having a formal cyber security plan in place. Even more alarming was the fact that roughly 69% of the companies surveyed didn’t even have an informal plan in place, despite the fact that they used the internet for daily operations (without properly setting up their Wi-Fi systems or using security systems).

This happens because most companies believe that data breaches, hackers, lawsuits and other privacy issues represent isolated incidents. They couldn’t be more wrong. Every year, legal issues and cyber attacks cost businesses over 200,000 dollars. But this doesn’t mean that it should happen to you. There are several ways in which you can protect your business online, both before an accident occurs and after the damage has been done.

Protect your Business against Cyberattacks

Let’s start with one of the most important aspects of business security. The first thing you should know is that protecting against cyber attacks isn’t that difficult. Sure, hackers are extremely intelligent and ambitious, but statistics show that entrepreneurs and business owners aren’t employing the best defense mechanisms against cyber crime either. According to Verizon, 80% of cyber attack victims were ‘targets of opportunity’. In other words, they had extremely poor security, if any. Here are a few things you should do to protect your business against cyber-attacks:

  • Purchase malware and anti-virus software. Malware is used in most data breaches. It can be planted onto a computer through spammy websites, suspicious emails or unsecure Wi-Fi connections. If the infiltration is successful, malware can capture login information and keystrokes. Other threats include email phishing, pop-ups requesting personal information, or social media account access. The good news is that it’s surprisingly easy to protect your business against malware and viruses. Simply install appropriate protection software. You should also update it regularly, because worms and other viruses thrive on out-of-date software.
  • Encrypt important data. Sensitive data such as bank accounts or employee details should be encrypted, because this is exactly the kind of information that hackers are looking for. According to Lance Spitzner, of SANS Institute, full-disk encryption tools, which are standard features for most operating systems, should be utilized at all times. Data encryption can also be used for cloud-based services or email platforms.
  • Educate Employees. As I already mentioned, most cyber attacks occur through compromised Wi-Fi networks (wardriving = hackers scanning an area until they find an unsecure network from which they can steal passwords, accounts & other sensitive data). If you insist on using wireless networks, you should make sure that they have strong passwords. You should also disable the SSID broadcasting function on your router in order to hide your network. Avoid using WEP networks. At the moment, WPA2 is the standard because it offers better protection.
  • Secure your company’s hardware. I won’t insist on this aspect very much. If you have invested tons of money in hardware, the best way to protect it is by securing it with rack-mounts, locked rooms, Kensington locks etc.  In addition to this, tracking software can be used for mobile devices such as tablets, laptops or smartphones.

Hire Experts for Security Issues

There are many aspects to bear in mind when it comes to the security of your business. First of all you have to protect data against cyber attacks. Secondly, you have to think about legal aspects regarding your professional activity. Thirdly, you have to make sure that you don’t break any rules while online (I am referring to use of copyright material, data privacy & disclosures for the collection of user data, liability limitations, fair use, etc.).

Note: for further clarification regarding Data Protection Laws of the World I suggest that you read this handbook, which contains specific information for different countries.

Yes, there are a lot of things to wrap your head around, you are not an expert in any of them, and you probably have better things to do with your precious time. So why not hire an expert, or better yet, a team of experts, to take care of them? First of all, you should think about hiring a company for your technology infrastructure or a security engineer responsible with online protection. Secondly, you have to find a good lawyer to handle all legal aspects regarding your firm. If you’re using cloud-based services, you should read the fine print to understand the terms and conditions under which they are responsible for your data. Weigh the pros and cons of each service prior to making a decision.

Putting together a security team will cost you quite a bit, but at least you will be able to sleep soundly at night knowing that your business is in good hands. In the end, even if things go downhill, these providers will take the hit for damages. You can even take legal action against them, by joining a class action lawsuit, for example, or by filing individual lawsuits to cover damages done.

The Science of Not Getting Sued

The Internet may be free, but this doesn’t mean that you can do just about anything on it. Here are a few tips that will help you steer clear of most legal issues:

There are a few other legal and security issues that you should consider, like adding a Disclaimer and Privacy Policy page on your website to limit liability, registering your Trademark, and securing a Patent, but apart from these, we most pendant issues have been covered above.

  • Purchase malware and anti-virus software. Malware is used in most data breaches. It can be planted onto a computer through spammy websites, suspicious emails or unsecure Wi-Fi connections. If the infiltration is successful, malware can capture login information and keystrokes. Other threats include email phishing, pop-ups requesting personal information, or social media account access. The good news is that it’s surprisingly easy to protect your business against malware and viruses. Simply install appropriate protection software. You should also update it regularly, because worms and other viruses thrive on out-of-date software.
  • Encrypt important data. Sensitive data such as bank accounts or employee details should be encrypted, because this is exactly the kind of information that hackers are looking for. According to Lance Spitzner, of SANS Institute, full-disk encryption tools, which are standard features for most operating systems, should be utilized at all times. Data encryption can also be used for cloud-based services or email platforms.
  • Educate Employees. As I already mentioned, most cyber attacks occur through compromised Wi-Fi networks (wardriving = hackers scanning an area until they find an unsecure network from which they can steal passwords, accounts & other sensitive data). If you insist on using wireless networks, you should make sure that they have strong passwords. You should also disable the SSID broadcasting function on your router in order to hide your network. Avoid using WEP networks. At the moment, WPA2 is the standard because it offers better protection.
  • Secure your company’s hardware. I won’t insist on this aspect very much. If you have invested tons of money in hardware, the best way to protect it is by securing it with rack-mounts, locked rooms, Kensington locks etc.  In addition to this, tracking software can be used for mobile devices such as tablets, laptops or smartphones.
  • Be mindful of what you say and do online. You should avoid making announcements, slanderous statements, or engaging in any business that might be considered suspicious. Partnering up with companies that end up being sued might also harm you in the fallout. In addition to this, you should also limit any possible conflicts of interest.
  • Insure your business. You should definitely think of obtaining liability insurance to protect yourself against unfortunate events. Errors and omissions coverage should also be considered, especially if you’re working with people. Another option besides purchasing insurance is to build protection through your contracts.
  • Separate yourself from your business. The vast majority of business owners operate their businesses as sole proprietorships. This isn’t a major issue, but it might end up with the owner getting sued, on his individual assets, due to problems that may appear with the company. To avoid such a situation, you should consider having a trust own the business.
  • Umbrella Insurance Policy. I know I have already mentioned insurance, but I feel like umbrella insurance policy deserves a separate mention. This type of coverage goes beyond the limits of regular policies and adds an extra layer of protection to those who risk getting sued. You can read more about it on Investopedia.
  • Assign a legal entity to your business. There are several options you can choose from: Limited Partnership, Corporation, LLC, Sole Proprietorship etc. Each of them has its pros and cons, but it is ultimately up to you to decide which one fits your needs best. LLCs are preferred because they pass losses through the company, to people involved in it.

There are a few other legal and security issues that you should consider, like adding a Disclaimer and Privacy Policy page on your website to limit liability, registering your Trademark, and securing a Patent, but apart from these, we most pendant issues have been covered above.

This article was written by Paul Estcott from Business2Community and was legally licensed through the NewsCred publisher network.

All information in this article is from sources deemed to be reliable.

The information contained in this web site is provided to you “AS IS”, does not constitute legal advice, is governed by our Terms and Conditions of Use, and we are not acting as your attorney. We make no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained in or linked to this web site and its associated sites.