Want To Save Time Using Your Mac? Get personalized Mac productivity tips!

Macpreneur

The show that helps solopreneurs save time ⏱ and money 💸 by streamlining how their run their business 📈 on their Mac 💻 🖥

You are here: Home / Episodes / MP019: Security considerations for Macpreneurs
MP019: Security considerations for Macpreneurs

MP019: Security considerations for Macpreneurs

By

Episode Summary:

So in today’s show, I’ll talk about security considerations for enterpreneurs running their business on Apple gear.

The topic is somewhat related to last week’s show that explored the reasons why upgrading the operating system right away after a new release might not be such a good idea.

Another motivation for exploring the security topic is the fact that on May 25th, 2018, the General Data Protection Regulation (or GDPR) has come into force and should be taken seriously by entrepreneurs and business owners, even those not based in the EU.

My goal with this episode is to share what I understand about GDPR and more importantly share universal security best practices, whether or not your business needs to comply with GDPR.

I’m curious to have your feedback on the shorter format. Please shoot me an e-mail at damien (at) macpreneur.com

Want to be a guest on the show? Then visit macpreneur.com/contact

Show notes:

Article 32 of GDPR in a nutshell:

  1. We should encrypt or anonymise the personal data we hold as much a possible
  2. The purpose of security is threefold:
    1. Confidentiality
    2. Integrity
    3. Availability
  3. We should be able to resume operations as quickly as possible, which is why backups of both data and hardware is important.
  4. We should regularly check whether or not the measures we’ve put in place are effective.
  5. Even if we’re using third-party services to process or hold personal data, we are ultimately responsible for the security or the lack of it.

The security perimeter:

  1. Hardware (incl. router & USB keys)
  2. Software & online services
  3. Premises & analog files

The risks:

  1. Unauthorised device or premises access
  2. User account hacking (remote attack)
  3. Malware infection

The potential consequences of getting hacked

  1. Data breach
  2. Impersonation
  3. Fraudulent purchases

The deeper consequences:

  1. Loss of time
    • Restore from backup
    • Personal Information processing can be ordered to be stopped (equipment can be seized)
  2. Loss of data
  3. Loss of money
    • Cannot serve customers
    • Administrative fines
    • Reputation damage

The fundamentals of security:

  1. Device & data encryption
  2. Access protection
    1. Strong passwords coupled with 2FA
    2. Safe and locks
  3. Keep your devices & apps updated
  4. Make regular backups (3-2-1 technique)

During the next two episodes, I’ll go through the security checklists that I have developed to help businesses secure their Apple devices.