Technology

Creating a website is an important part of building a business today. Many businesses have abandoned brick and mortar altogether and opted to save money on rent. They’re doing so through a digital storefront.  In 2020, Canadian businesses brought in over $350 billion in sales, whereas the physical retail sector earned $22 billion. The COVID-19 pandemic changed the landscape of e-commerce and the way people shop in general.  Online sales for businesses grew significantly since 2013, when all Canadian businesses grossed $136 billion in e-commerce. An online storefront in a post-COVID-19 world can prove profitable. That is due to the new stream of consumers turning to online orders instead of in-store purchases.  In terms of online sales, over 70 per cent of businesses with online sales used a company website and 36 per cent of businesses used a third-party website, platform, app or online marketplace. Around 11 per cent used an app they built for their business. The numbers show that most businesses are using websites to drive their online sales. Credit cards are also the most accepted mode of payment. As 81 per cent of businesses reported them as their primary payment method. When constructing a website, one of the first steps is selecting a domain name that aligns with your business’ name. When choosing a domain, it is important to search what you plan to name your website. In doing so, make sure the chosen name isn’t already taken. It is important to keep your domain name short and concise and avoid unnecessary characters such as hyphens or underscores. It is also highly recommended to choose a domain name that is search engine optimized (SEO). This means including keywords and a location in the domain name. For example, “TorontoMovers.ca” would be SEO-friendly because it is short and includes the business’ location and the service provided.  If you have previous experience coding or building websites, creating a website from scratch is an option. There are also services to help with website-building for those less experienced in the area. Cira.ca is a website for Canadians looking to build their own website. It allows you to browse through registrars and select one that can offer the services you need.  A registrar is a company that sells domain names and related services like web hosting. Choosing a registrar that works for you and your business’ needs is a key step in launching your website.  After the technical elements are completed, it is important to start working on the “About us” section of your website. You want to communicate who you are and what you do clearly and concisely. Doing so will inform potential customers who visit your website. You should display your mission statement, contact information and any other relevant details that first-time website visitors need to know. So users can purchase services and products from your website, you will need a service allowing customers to transact financially. There are many different platforms to use, such as Shopify, Wix, Business Squarespace and GoDaddy. You can assess your business needs and choose which platform is best for your growing business. Once you get your website up and running, with hosting and e-commerce, you should spruce up the website. Make design choices that reflect your personal taste and the aesthetics chosen for your business and its services.  From there your website will be ready for customers to browse with your products and services available to purchase.

Cyber crimes are becoming a big concern in Canada, with every growth rate breaking records from the previous year. In 2020, CyberEdge Group reported that 78 per cent of Canadian organizations fell victim to cyber-attacks at least once. In 2021, this increased to 85.7 per cent.  There has been increased awareness calling for cybersecurity investments. Small- and medium-sized businesses continue to be the most compromised of all organizations. In fact, they account for 41 per cent of cyberattacks in 2021, with damages incurring up to $100,000 in costs.  The Insurance Bureau of Canada (IBC) released a report stating that only half of the affected small business owners said they implemented stronger defenses in cyber protection. And only a quarter (24 per cent) planned to invest in cyber insurance within a year.  Cybercrime means identity and corporate theft, loss of staff and customer sensitive information, disabled servers and disruption of trades. And large financial losses potentially leading to bankruptcy. In a few seconds, your business could disappear. Aside from recovering lost data, the costs of repairing are crippling. Some costs may include quarantining infected software and hardware, repairing or replacing infected systems and implementing stronger security. As cybersecurity technology advances, so, too, do cybercriminals’ innovative tactics. Understanding cybersecurity and the ways a cybercriminal can compromise your system is the first step in developing a prevention strategy. What is cybersecurity? Cybersecurity is the prevention and protection of equipment, networks, software and data of an individual/organization through various security layers. Many programs such as Kaspersky Internet Security offer these multi-layered services. These services provide protection of email spam, malware, phishing, hacking attempts and data leaks. But a comprehensive security strategy for a company must cover all parties concerned. All employees who work with technology must receive cybersecurity training and participate in the company’s security prevention strategy. They must also  understand the resources available to them for self-defense. Investments in IT support, experts and cybersecurity programs greatly  improve the effectiveness of security measures. Common types of cybercrime Malware Malware is designed to gain unauthorized access to a system and disrupt it by modifying, destroying, blocking or rendering data. It can also significantly affect the performance of the system. Examples of malware include worms, trojan viruses, spyware and adware.  Phishing Phishing is a common counterfeit communication operation. It can be found through emails or text messages that appear to be from a credible source. Cybercriminals often manipulate vulnerable people into clicking their links using emotional strategies like fear, curiosity or greed. Once a link is accessed, private data is stolen. Ransomware Ransomware is one of the most significant threats to businesses globally. It encrypts sensitive data until a specific ransom in Canadian dollars, bitcoin or cryptocurrency is paid. In some cases, this data is not recovered and is completely deleted by the cybercriminal. More people began to work from home in recent years. This has sparked more opportunities for online criminals to target small businesses. Disrupted denial of service (DDoS) A DDoS assault disrupts the traffic of a business server, service or network. It does so by flooding it with so much malicious internet traffic that the server crashes. A cybercriminal accomplishes this by creating hundreds to thousands of “botnets”. These make up a literal army of infected devices that cooperate under the criminal’s command. Incident response plan Often, in the unfortunate event that a data breach does occur, if there is no incident response plan laid out for all staff to use, panic can quickly ensue. The Canadian Centre for Cyber Security recommends that staff always have a written response plan on hand. This ensures that a productive response is carried out without incident. Each response will vary based on the incident of each business. They claim the incident response plan should at least stick to the PICERL process: Preparation Identify the first steps employees should take when a potential incident has occurred. Examples include evaluating risk assessment, information on symptoms of a data breach and assigning specific roles to every employee. As well as contacting professional staff or affiliated businesses as soon as possible. Identification Outline how your organization will identify and detect an incident. As evidence of a data breach, this phase requires all data available for access. This can include log files, error messages, intrusion detection system reports and firewalls to be documented. Assess the severity of the breach and track down the source. Containment Outline the unique actions your organization must take to prevent further damage from occurring and shut down necessary devices. Some steps could be: change all passwords while documenting old ones and contact all potential at-risk individuals and your bank. Then, disable remote open access on the internet until the malware has been eradicated. Eradication Provide instructions on how your staff can remove and restore infected systems. This can be as simple as disconnecting infected devices and wiping out the virus with an antimalware program. This may require more complex steps, which all IT professionals must conduct. Recovery Specific staff should be instructed on how to restore backup data and replace or wipe data storage drives. IDS systems also proposes activating a cloud-based replica of your entire network. It could save your whole business by allowing operations to continue while investigations continue. Lessons learned—make sure it doesn’t happen again! This may be the last step, but keep in mind that it should always be first in your prevention plan. Take inventory and understand how the incident occurred in full transparency with your team. Then, evaluate your incident response plan to see if there could be additional improvements. Even with the most advanced security measures, human error will continue to pose a serious threat to your business. Your employees are your greatest asset and greatest responsibility. As a leader, you cannot hold people responsible for future mistakes if you do not prioritize safety via education. Short-term cybersecurity training can save you from long-term damage.