Icon of a woman, in brand blue, with a healthcare badge and stethoscope.

Issues you (expect to) face

  • You need to exchange sensitive material with clients, like health data containing PII, but most clients aren't clear about how they safeguard such information.
  • Your IT contractors ask you to avoid using email to send assets, telling you email security is insufficient. If they don't, ask them why not.
  • You don't have an IT helpdesk, so you're responsible for finding and setting up the right tools and practices for your team.

With basic business activities (like banking, communication, and marketing) achieved using the internet, digital safety is an important investment.

Your digital safety is important. Evaluate your usecase. In the meantime, use these quickstarts to get started with basic defences to common cyber threats.

Get started with these three resources

1. Your IT contractors sometimes use jargon. We suggest using our Glossary to look up common terms they may use. To watch out for yourself, you need understand what's happening.

📬 Introducing the IT Glossary
Our IT Glossary is where we describe what we mean when we use certain words. Often the words we use are in common usage. Those words are not described the Glossary. Sometimes we use words in a slightly different way from common usage. Those differences we describe in the Glossary.

2. Credential stuffing is a common danger, and is growing in frequency. For example, 2020's CRA breach was down to people reusing passwords. Fortunately, credential stuffing is avoidable. To be safe, use a password manager to create unique passwords for all your logins.

📣 CRA hacks happened because people reuse passwords-here’s how to stop
Many of us are not only using the same lock and key everywhere, it’s a lock and key we bought at the dollar store.

3. When operating in the healthcare sector, avoid document collection via email. Documents sent via email tend to lie around for a long time, in effect waiting to be stolen.

📬 Avoid encouraging clients to email their documents-have a safe messaging app ready to receive
Common email isn’t considered secure. Encouraging clients (especially one-off clients) to use email when transferring sensitive information creates significant avoidable risk. This information could be very damaging if the system handling them lost control.

4. (BONUS!) Yes, we did say three resources. But knowing from experience that all small businesses handle a non-trivial amount of their own IT, this is one more guide that you'll find helpful- to easily, and reliably, archive documents for tax and regulations.

📬 What do actual backups look like?
The task of setting up a good backup system can look time-consuming and, often, intimidating. But it’s neither. Anyone can do it-everyone should. And it can take as little as 30 minutes.

Meta

Helpful words


Dog with heart-shaped nose in a screen, AKA the Majorcord logo.
Learning to be safer doesn't have to be a intimidating. Read up on our mission.