ProtonBlog(new window)

Top cybersecurity solutions for small businesses

Share this page

Cyber criminals love to target small businesses because they know small and medium-sized businesses, short on time, resources, or expertise, cannot always secure their data(new window). But the cost of not securing your company’s data has never been higher. The data breaches themselves and the GDPR fines(new window) make it too expensive for businesses to ignore cybersecurity.

It is important to state that cybersecurity is primarily about creating a culture of cyber security awareness(new window). That means training your employees to consistently implement best practices and having the proper processes in place to deal with security breaches. Merely switching to encrypted services will not solve all of your cybersecurity issues. However, encrypted services do reduce your company’s exposure, and, when paired with a security-conscious workforce, they can go along way to preventing a data breach or hack.

Note that while some of these tools will be good solutions for companies of any size, others will work best for smaller businesses that have not created their own internal network. Securing a larger business’s network(new window) will require specialized tools, such as firewalls, intrusion detection & protection systems (IDS/IPS), authentication services, and advanced monitoring solutions.

Email provider

Most small businesses rely on emails to handle both their internal and external communications. Following email security best practices(new window) is essential to keep your business’s data safe, but some email providers can offer your company more security than others.

ProtonMail

Proton Mail offers its users end-to-end encryption(new window). Your emails are encrypted before they leave your device so that only you and your intended recipient can access them. You can even secure your messages to non-Proton Mail users(new window) by sending password-protected emails. Finally, Proton Mail is both GDPR(new window) and HIPAA(new window) compliant.

Platforms: Android, iOS, and web app. Also has Bridge integration(new window) with Microsoft Outlook, Mozilla Thunderbird, and Apple Mail
Price: Has a free option. Proton for Business plans start at $6.99 per user per month.

VPN

A virtual private network is an effective way to add a layer of encryption to your online activity. It also allows your employees to safely work on public WiFi while they are on the road.

Proton VPN

Proton VPN secures your Internet connection with AES 256-bit encryption, the industry gold standard, and its use of Perfect Forward Secrecy means that even if your traffic is intercepted and saved, it can never be decrypted at a later date. It has hundreds of servers available in over 30 countries and on six continents, which means your business is never too far from a fast, secure VPN server(new window).

Platform: Android, iOS, Linux, macOS, and Windows
Price: Has a free option. Proton for Business plans start at $6.99 per user per month.

Cloud storage

Cloud storage has redefined how offices can work. By storing files on the cloud, your business can maintain a backup of all critical documents in case of a catastrophic system failure as well as easily share documents and sync progress between different employees. Protecting these files and the data they contain should be one of your business’s top priorities.

Proton Drive

Proton Drive provides end-end-encrypted cloud storage for all your files, and also supports end-end-encrypted sharing of files and folders. 

Platform: Web, with dedicated clients for all major platforms coming soon
Price: Has a free option. Proton for Business plans start at $6.99 per user per month.

Domain name registrars

If your business has a website, you know you need a snappy, memorable web address to help people find you. (If your business doesn’t have a website… you might want to reconsider your approach.) To register your web address, also known as a domain, or to see if it is available, you must work with a domain name registrar.

A quick note on privacy and domain name registrars: When a domain is registered, the Internet Corporation of Assigned Names and Numbers (ICANN) requires the registrar to file the owner’s contact information, like their name, email, address, and phone number. This information is then added to the WHOIS public database, which can be searched by anyone on the Internet.

With the information listed in the WHOIS database, hackers can spam you and potentially hijack your domain or steal your identity.  

Namecheap

Namecheap(new window), as their name suggests, offers domain names at great prices. They claim to be a “one-stop shop” for setting up a website, and they offer what they call WHOISGuard for free to anyone that registers a domain with them. WHOISGuard uses its own contact information and a unique, random @whoisguard.com email to replace your personal email and contact information, keeping your personal information out of the public sphere. Namecheap also allows you to protect your account with two-factor authentication (see below) that makes it much more difficult for someone to hijack your domain.

Price: Varies, depending on desired domain

Team collaboration

Many businesses have employees and contractors working remotely. This can make coordinating a challenge unless you use a team collaboration app. Given the amount of information that can be exchanged and stored on these platforms, using one that is encrypted is a necessity.

Wire

Wire(new window) is one of the only end-to-end encrypted services that allows for group calls, which makes it more useful than Google Hangouts and more secure than Slack when trying to manage team communication. Wire has been independently audited and is entirely open source, allowing you to be sure that Wire’s code is doing exactly what they say it is.

Platforms: Android, iOS, Linux, macOS, Windows, and web browser add-ons
Price: Starts at €6 per user per month

Messaging

For companies that do not need all the functionality of a collaboration app but still want their communications to be secure, there are end-to-end encrypted messaging apps.

Signal

Signal(new window) is widely considered to be the most secure encrypted messaging app, with endorsements from numerous experts, including Edward Snowden and Bruce Schneier. It supports texts, group texts, as well as voice and video calls. Conference calls between more than two people, however, are not possible.

Platforms: Android, iOS, Linux, macOS, and Windows
Price: Free

Threema

Threema(new window), unlike Signal, does not require a phone number to create an account, which means Threema is as close as you can get to truly anonymous messaging. The company headquarters is in Switzerland, giving its service strong legal privacy protections. Threema has also created a special plan that is optimized for businesses and is GDPR compliant.

Platforms: Android, iOS, Windows phone, and web app
Price: Starts at 1.40 CHF per device per month

Password manager

Creating strong, unique passwords(new window) or passphrases(new window) for your accounts is one of the basics of cyber security, but no employee can remember all the passwords necessary to log in to all the platforms they need to use for work. (Look how long this list is already!) A password manager changes all that. By safely encrypting all your passwords, a password manager allows you to create passwords that are impossible to crack, without having to remember them all. Using a trustworthy password manager to secure your passwords is one of the easiest ways to improve your company’s security.

Bitwarden

Bitwarden(new window) is an open source, end-to-end encrypted password manager. It helps your employees create randomly generated passwords for all of their accounts, and then syncs those passwords across all their devices.

Platform
: Android, iOS, Linux, macOS, Windows, and web browser add-ons
Price: Starts at $5 for five users per month

1Password

1Password(new window) another end-to-end encrypted password manager, but it has a few more bells and whistles. Their Watchtower feature will alert you if any of your passwords have been exposed in recent data breaches.

Platform: Android, iOS, Linux, macOS, Windows, and web browser add-ons
Price: Starts at $3.99 per user per month

Two-factor authentication

To ensure your important accounts are secure, you should enable two-factor authentication (2FA) in addition to using a strong, unique password. The site Two Factor Auth(new window) will help you identify which services you can use 2FA on. By using 2FA on your accounts, you can prevent intruders from accessing your accounts even if they get a hold of your passwords.

YubiKey

The YubiKey(new window) is a hardware token (a specialized USB stick) that you can plug into your device to confirm your identity. While it is thought to be the most secure form of 2FA, relatively few services support hardware token 2FA.

Platform: YubiKey 5 NFC works with macOS, Windows, and NFC-equipped Android and iOS devices
Price: A YubiKey 5 NFC costs $45.

Duo

Duo(new window) offers several 2FA solutions, including solutions that incorporate Yubikey hardware tokens, confirmation requests delivered to the Duo app that foil man-in-the-middle attacks, and time-based one-time passcodes.

Platform: Android and iOS
Price: Has a free option. Premium plans begin at $3 per user per month.

File encryption

VeraCrypt

VeraCrypt(new window) is an open source disk encryption service for Windows, Mac OS X, and Linux devices. Using VeraCrypt, your employees can encrypt the hard drive on their device, encrypt their flash drive, or even hide how much volume they have on their hard drive.

Platforms: Linux, macOS, and Windows
Price: Free

Notepad

Standard Notes

Standard Notes(new window) is a simple, end-to-end encrypted note-taking app that can sync your notes across all your devices. Its clean interface and numerous extensions mean that you can use Standard Notes for everything from writing yourself reminders to coding.

Platform: Android, iOS, Linux, macOS, Windows, and web browser add-ons
Price: Has a free option. Premium plans begin at $9.99 per user per month.

Joplin

Joplin(new window) is another end-to-end encrypted note-taking app, but unlike Standard Notes users must manually activate the end-to-end encryption feature. Joplin relies on external services, like NextCloud or Dropbox to synchronize across devices.

Platform: Android, iOS, Linux, macOS, and Windows
Price: Free

For businesses that have not yet secured their data, these encrypted services are a good place to start. Download and subscribe to these end-to-end encrypted services to start protecting your company’s data. While encrypted services alone will not guarantee your small business’s cybersecurity, they are necessary tools that every business should consider.

Best Regards,
The Proton Mail Team

This post was updated on November 4, 2019

Sign up and get a free secure email(new window) account from Proton Mail.

We also provide a free VPN service(new window) to protect your privacy.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan. Thank you for your support.


Protect your privacy with Proton
Create a free account

Share this page

Richie Koch(new window)

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Related articles

Can you password-protect a folder in Google Drive?
Protecting a folder with a password is a simple yet effective way of securing files. You may wonder whether you can password-protect a folder in Google Drive. We explain what access controls Google Drive offers and what you can do to improve your sec
Proton Pass now supports passkeys on all devices and plans
We’re excited to announce that Proton Pass supports passkeys for everyone, allowing you to manage and use passkeys across all devices seamlessly. Passkeys are an easy and secure alternative to traditional passwords that can help prevent phishing atta
what is a passkey?
Passkeys are a new way to secure your online accounts using cryptographic keys instead of passwords. They offer a high level of convenience and security, and are a real game-changer in the way we access and secure sites. What is a passkey, though, an
Apple’s marketing team has built a powerful association between the iPhone and privacy. The company’s ad campaigns claim that “what happens on your iPhone, stays on your iPhone.” And, “Privacy. That’s iPhone.” But Apple’s lawyers are telling a diffe
A cyberattack on national public employment service France Travail has exposed the personal data of as many as 43 million people.  The latest breach is the second major cybersecurity attack to happen in France in the past month, raising concerns abo
If I share a folder in Google Drive, can anybody see my other folders
Google Drive makes it easy to share files and folders, but you may have wondered at some point whether the people you’ve shared a folder with can see your other folders. We answer this question below and also share some tips for truly secure link sha
In 2014, Proton Mail was introduced as a web app, revolutionizing how we think about email privacy. Today, we’re excited to broaden the horizons of secure communication by launching the Proton Mail desktop app. Anyone can now use the new Proton Mail