a line of blue locks and one red that is unlocked

In a world where everything has become digital, it’s easy to get a little lax when it comes to cyber security. But the convenience of doing business (and everything else) online comes at a price.

Without proper security measures, you could be putting your business and your clients at risk. Put these eight security measures in place so you, your staff and your clientele can do business worry-free.

#1 Educate

The first step to cyber security is to establish best practices and make sure all your employees understand them. These practices should include password protocol, internet guidelines (including penalties for violating salon policies), and how to protect customer information.

Put your cyber guidelines in your employee handbook, on your internal Facebook or web page and in the back room. Discuss them with employees regularly at staff meetings and one-on-ones, and hold them accountable if rules are violated—your client’s identity or financial information could be at stake.

One word of caution: don’t give any single employee access to all your data system—even your top managers. Each employee should only have access to the software they need to do their job and should not be able to install any software without permission.

#2 Protect Your Software and Internet

This is a big one! Secure operating systems and web browsers will protect your business from viruses or other online threats.

All of your salon’s computers should be equipped with antivirus software/antispyware that check software automatically on a regular basis.

In addition, a firewall should also be set up to prevent anyone from accessing data on your network. You can enable your operating system’s firewall, and this safeguards your internet connection as well. Because of this, it’s important to keep up with your operating system and application updates. Vendors are constantly making security improvements designed to protect your systems.

Remember to protect all pages on your public-facing websites as well, not just the online booking or ecommerce pages.

#3 Back Up, Back Up, Back Up!

With cloud-based software, back-ups happen regularly and automatically (thank goodness!). But you should still regularly check that all your important documents, databases, spreadsheets, human resources info, accounts payable, etc, are backed up on the cloud or offsite every week.

#4 Stay on Top of Passwords

At least every three months, require employees to change their unique passwords. Put strong password requirements in place, possibly even requiring multi-factor authentication (using additional information beyond a password to gain entry).

Have vendors that handle sensitive data for your salon? Find out if they offer multi-factor authentication as well.

#5 Mind Your Mobiles

With stylists booking clients and checking schedules on their phones all day long, protecting mobile devices has become more important than ever. Require all employees to password-protect their devices, encrypt their data and install security apps to protect client information when phones are on public networks. And don’t forget to create reporting procedures for lost or stolen devices.

#6 Control Your Computers

Again, multi-factor password protection is key! Lock computers up when unattended—particularly laptops, as they are easily stolen. Create separate user accounts for every employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and managers.

#7 Secure Your Wi-Fi

Offering wi-fi to clients and your staff is a must. But they shouldn’t be on the same wi-fi network. Make sure your wi-fi for the staff is secure, encrypted and hidden. To hide your network, set up your wireless access point or router, so it does not broadcast the network name and password protect access to the router.

#8 Protect Your Clients with Best Practices on Payment Cards

The last thing you want is your clients’ credit card security compromised. Work with your bank or processor to ensure the most trusted tools and anti-fraud services are being used. Isolate payment systems from other, less secure programs and don’t use the same computer to process payments and use the internet.