When people think of cyber security and identity theft one’s email account doesn’t come up nearly as often as it should. An email account is the number one security weakness for 99% of the startups out there. Just think about the “Reset Password” option for the sites you use on a regular basis — online banking, QuickBooks Online, Amazon.com, Google AdWords (a savvy bad guy can run up your bill driving traffic to an affiliate program in China), etc.
Jeff Atwood’s recent post Make Your Email Hacker Proof recommends the same solution I recommend and use personally.
All startups should use Gmail with two-factor authentication enabled for personal and business email. Yes, it makes it more annoying to sign into Gmail from a random laptop but it’s totally worth it. The idea is that you sign in like you normally would with a standard password and then you use a separate program on your smart phone (or get a number texted to you) that has a random second password. This second password is the key since it is much harder to steal as it changes every 60 seconds and is created on the fly.
If your email account contains important information or is connected to another account that’s important, and has a “Password Reset” function, Gmail with two-factor authentication is the way to go.
What else? Do you agree that email is your #1 security weakness?