Staying safe online
Digital technology offers a world of opportunity to help grow your business. But for the unprepared, selling online or even just using email can bring significant security risks.
Taking online security seriously is an important way to show potential customers you’re an organisation they can trust. In Australia, ensuring effective system and data security is also a legal obligation.
In this module, you’ll learn some simple steps to help keep both your customers and your business safe online.
A virus is simply a piece of code loaded onto your computer without your knowledge or permission. It can reproduce by moving from file to file, or computer to computer, frequently destroying those files as it goes. Malware (malicious software) can damage or steal data on your system.
Part 1: Ensuring your data is safe from online predators
If your system is attacked, you want to know you have the best possible protection. As well as damaging your business operations, failing to protect your systems and data can impact your business reputation and your customer relationships.
Here are some simple steps you can take to protect your data from online predators.
- Develop a daily back-up strategy for critical data.
- Install security software that includes a firewall, anti-virus and anti-malware protection. Visit staysmartonline.gov.au for free resources.
- Use spam filters, and make sure your staff can recognise spam or hoax emails.
- Stay alert. Subscribe to staysmartonline.gov.au/alert_service to keep informed about the latest security threats and how to manage them.
- Develop a culture of security in your business and encourage staff to be aware of security solutions.
Part 2: Keeping your customers safe
Keeping your customers’ data safe is vital, particularly credit card details and addresses. As well as being an important way to build trust and relationships with customers, it’s the law. Australia’s privacy laws place obligations on businesses with an annual turnover of more than $3 million, and on organisations that sell or purchase personal information.
What is personal information?
Regardless of how it’s recorded, or whether or not it’s true, information that identifies a person (or makes an individual ‘reasonably identifiable’) is considered personal information. This includes:
- customer names;
- email addresses;
- contact information;
- billing and transaction information;
- photos and videos; and
- information about a person’s preferences or opinions.
Sharing personal information
You must not share customer details without their consent.
Encrypting customer data
When you set up your online e-commerce site, make sure your provider encrypts customer data and uses the best SSL certificates. (See Module 10 for more information)
Part 3: Your customer privacy obligations
Businesses with an annual turnover of more than $3 million, and organisations that sell or purchase personal information, must comply with Australia’s Privacy Act.
Check-list
- See how the Australian Privacy Principles (basic governing standards) apply to you. Find them here – oaic.gov.au
- Develop a privacy policy outlining how you collect and use information. Guidelines are available here – oaic.gov.au/privacy/privacy-resources/privacy-guidelines/guide-to-developing-an-app-privacy-policy
- Provide your privacy policy to customers on request.
Note: The Office of the Australian Information Commissioner has the power to investigate breaches of the Australian Privacy Principles.
Further resources
If you want more information about protecting your customers and your business online, these resources may help. All information was current at the time of writing. You’ll be leaving this website when you use these links.
Staysmartonline.gov.au/smallbusinessguide
The Australian Government’s Stay Smart Online website offers advice to small businesses and other Australians about being secure and safe online. Stay Smart Online, in collaboration with Australia Post, Australia and New Zealand Banking Group Limited, Commonwealth Bank, National Australia Bank, Westpac and Telstra, has developed the Small Business Guide which is intended to help you put in place some basic online security practices.
A provider of online security systems and products.
Information from the Australian Competition and Consumer Commission about how to recognise, avoid and report scams.
Online security and safety information for small businesses and personal use.