Jeff Bezos’ phone was hacked. And if the richest person in the world is vulnerable, chances are good that your startup could get hacked, too.

The good news is that, as a tiny company, you’re not a big target. But as soon as you hire your first employee, it’s time to think about adopting basic security practices to ensure that you’re less vulnerable. Nothing is perfectly secure on the internet, but you can mitigate risk.

When you have fewer than 10 employees, you don’t want to use a single sign-on service like Okta. Solutions that work great for companies with tens of thousands of employees are not practical because they’re not designed for you.

As a basic rule, you want things to be simple by design. Relying on fewer services will reduce your attack surface, and if people can follow rules without even thinking about them, your organization will be less vulnerable. You might be great at spotting phishing attempts and securing your own accounts, but your startup is only as secure as your least-savvy employee. Most security issues come from human error.

Source link