Safer Internet Day 2019 will be celebrated across the world on Tuesday 5 February with the theme ‘Together for a better Internet’.
The aim is to ‘inspire a national conversation about how to use technology responsibly, respectfully, critically and creatively’, and the day is a great reminder for salons and barbershops to make sure they’re making the most of technology while staying safe and legal.
This blog post covers:
- Some facts and figures
- The importance of password protection
- Making your social media accounts secure
- Protecting your systems
- Backing up your data
- Fending off phishing attacks
- Securing mobile devices
- GDPR – staying legal
- The importance of staff training
- Security audits
- Insuring against cyberattacks
Some salon and barbershop owners assume they’re too small to be targeted by cybercriminals, but hackers often see small businesses as an easy target. That’s why it’s vital to remain vigilant and protect your business against financial and reputational damage.
A cyberattack will damage, destroy or breach your salon/barbershop computer system. Some hackers do this for fun, others ask for a ransom to put things right or will use personal data, such as customer details, to commit fraud for financial gain.
An NHF/NBF survey found that over half of Members surveyed (56%) had been targeted by cybercriminals, and the vast majority of those had suffered financial loss.
In addition, government figures for 2018 found that:
• Over four in ten (43%) of all UK businesses suffered a breach or attack in the previous 12 months. For large businesses this rose to two thirds, or 72%.
• The most common breaches or attacks were via fraudulent emails - for example, attempting to coax staff into revealing passwords or financial information, or opening dangerous attachments.
• Other common breaches included cybercriminals impersonating the organisation online, or infecting computer systems with malware and viruses.
Take password protection seriously in your salon or barbershop. Make sure all your devices are password/PIN/fingerprint protected.
Always use two-step authentication where this is offered – for example, banks and social media accounts will often give you this option. This provides an extra layer of security by requiring both a password and a code sent to your mobile phone before you can log in.
Avoid passwords that can be easily guessed and have a separate password for each of your accounts. For example, have different passwords for your email account, client details account, staff details account, bank account and any other business-related accounts you have. It’s tempting to have the same password for everything – but this is very bad practice because if a hacker gets hold of it they’ll have access to all your business information.
Passwords do not have to be changed on a regular basis – only if you suspect your systems have been hacked in any way. Always change the default password that comes with new devices.
Make sure passwords are stored securely and only share passwords with staff members who need to know them.
The NHF/NBF offers a free guide to choosing salon software packages.
Have a separate password for each of your social media accounts and make sure they are not the same as any you have for your business accounts.
Beware of fake social media websites that may look very much like the original. Always make doubly sure the site is genuine before entering any of your login details.
To make your social media accounts extra secure, use two-step authentication.
Members can download this marketing guide which is packed with expert advice.
Use anti-virus software on all your devices and always obey prompts to install updates. Make sure your firewall is switched on to help block any unauthorised access to your systems and strictly control the use of hardware such as memory sticks.
Make a backup of all the electronic data you hold on a regular basis. This will protect you against loss of data as the result of a cyberattack, but also in case of damage caused by fire or flooding.
Find out how to plan for ‘business as usual’ when faced with disruption caused by natural disasters, fire, theft or power cuts.
Ensure your backup files are not permanently connected to your main computer system, either physically or via a local network. Consider backing up to the cloud.
Phishing attacks are fake emails that ask for banking details and provide links to scam websites. Always look out for signs of fake emails such as poor spelling, poorly reproduced logos and suspicious email addresses.
Make sure your staff understand that they must not follow links to websites from emails sent to your business accounts. However, if a member of staff is caught out don’t be critical as this may discourage your employees from reporting suspicious activity on your accounts.
Carry out a virus scan and change passwords if you suspect a phishing attack has taken place.
Don’t forget to protect any mobile devices used for your salon or barbershop business. Make sure they’re PIN, password or fingerprint protected and configure devices so they can be locked or tracked if stolen.
Keep your devices and apps up to date. Use the ‘automatic update’ option if possible and don’t use old devices that are no longer supported by the manufacturer’s updates.
Don’t use public Wi-Fi hotspots when handling sensitive data as they are not secure enough and you may put your data at risk. It’s safer to use a 3G or 4G hotspot instead.
Always keep track of all the mobile devices that are used in connection with your salon or barbershop business so you know where they are and who is using them. It’s a good idea to strictly limit the number of people allowed to take them off-site as this reduces the possibility of losing devices or having them stolen.
Salons and barbershops hold data on clients and employees which is very valuable to cybercriminals. Remember that GDPR imposes much stricter requirements than the old Data Protection Act and you must make sure that any data you hold is secure and protected.
You would have to report serious data breaches to the Information Commissioner’s Office (ICO) and the individuals affected – whether your staff or clients – would also have to be told.
GDPR means you must ensure your data is securely password-protected. Download our detailed Members-only guide to GDPR.
Not yet a Member? Join us now for less than 75p a day to access this user-friendly in-depth guide and make sure you are complying with GDPR.
NHF/NBF Members can call our friendly membership team for advice and also have access to our free 24/7 legal helpline. Find out more about legal benefits for Members:
Make sure all your staff are aware of the dangers posed by potential cyberattacks and know what they should do if they suspect a cyberattack.
It’s also important to reserve the right to look at all incoming and outgoing emails and the history of web pages that have been browsed from your business devices.
Carry out regular reviews of your online security to ensure your procedures are up to date and applied across all your devices and accounts.
Consider taking out cyber insurance to protect against financial loss from cyberattacks.
The NHF/NBF works in partnership with Coversure Insurance Services (Huntingdon) to provide value-for-money specialist insurance cover for our Members in the hair, beauty and barbering industries.
• Salons and barbershops are vulnerable to attack by cybercriminals – don’t ignore the dangers.
• Make sure all your business devices, including mobile ones, are password protected.
• Use two-step authentication where provided.
• Use a different password for each account, including social media accounts.
• Make sure your passwords are difficult to guess.
• Use regularly updated anti-virus software on all your devices.
• Make regular backups – but ensure these files are not directly linked to your main computer system.
• Be on the lookout for fake emails to avoid ‘phishing’ attacks.
• Don’t use public Wi-Fi hotspots.
• Make sure your mobile devices can be remotely locked or tracked if stolen.
• Remember to comply with GDPR.
• Ensure your staff are trained in online security.
• Carry out regular security audits.
• Consider taking out insurance to protect against financial loss from cyberattacks.