Andy Ott is the founder of Verity Networks, a cost-effective, expert IT solution helping small businesses in Sioux Falls. He sat down with Sioux Falls Simplified to talk about the importance protecting your information online and the bare minimum you should be doing – especially if you're a small business owner.

Answers are edited for length and clarity.

How did you 'get smart' about IT and helping folks stay safe online?

I actually have a degree in aviation, and I was a firefighter on the field in La Crosse, Wis.

  • I did that for five years. Then I left aviation and switched to IT, basically, because I could get a job, and I like computers.
  • As it comes to security, a lot of things that are considered commonplace today had just started to become a thing four years ago. I had the odd experience of never knowing anything different – I was taught what is now considered best practice.

My family moved to Sioux Falls so I could work for a bank that needed an IT guy and a Bitcoin guy – and I could do both.

I worked there for about a year and a half before I switched to working at Co-op Architecture.

  • Shortly after I started at Co-op, I remembered how much I loved solving problems and making systems work. I cleaned up a lot of things there, and I wanted to do it for more companies – which led to starting Verity Networks in May 2023.
  • Co-op was very supportive, and they encourage their employees to do what they want to do, even if that means leaving Co-op. Today, they're a client of mine, and I don't think I could've managed to go full-time with Verity (starting Jan. 1, 2025) if I hadn't been working there.

Ok, we're all about simplicity here. Can you, in 10 words or fewer, describe what people should know about protecting themselves online?

If you're online, you're a target – you're not too small.

Can you expand on that?

Many companies say, "I'm too small to be a target," and technically they're right. Sioux Falls Simplified is not getting targeted the same way Avera is – small businesses are getting targeted simply because they exist.

  • About 60% of small businesses who go through a cyber attack are out of business within six months of the attack. If anything happens, the odds are strongly against you that you'll be able to make it through.

Internet security is like an insurance policy. The goal of IT is that you retire in 30 years and think, "well, that was a waste of money," but you can't afford the risk if you don't have it.

What do people most misunderstand about IT and being secure online?

People feel as if they need to apologize when they're asking for help. First off, you're paying me, and also, I don't know how to do your job. You shouldn't feel bad that IT is not your area of expertise.

What is the bare minimum security that I should be thinking about?

For everything that you sign into, you should have a strong password – the current guidelines here are 12 characters, but my recommendation is you use a password manager, and then use a ridiculously long password that you don't have to remember.

The second thing is to enable two-factor authentication on systems that allow you to do so.

  • There are different ways to do it, but I recommend avoiding SMS text-based authentication. You can instead use a Google or Microsoft authenticator that generates a six-digit code in a secure fashion.

Then, have an offline backup of your password manager.

  • Depending on the person, you might give it to your spouse, write them down and put them in a sealed envelope in a safe, etc. You want something that someone would have to work hard to get.
  • It might seem a little bit extreme to print out your passwords and put them in a safe, but it's not a bad idea.

What do you recommend for folks like me who feel a little overwhelmed by all of this?

Start small.

Figure out all the places that you use the same password, and change one of them today. Then change one of them tomorrow. And you'll probably need to write down your new password so you don't forget it, so use a password manager.

The second-most important thing is to give yourself the grace to do this slowly. You're not a failure of a human if you use the same password – it's not the best choice, but it is what it is. Don't feel like you're an idiot because you aren't doing everything perfectly in IT.

Is there anything else you want the good people of Sioux Falls to know about you, IT or staying safe online?

The bare minimum is really just taking the next step. I'm going to bet that most people, if you ask them what's the next thing you could do to make your digital life more secure – they already know that. They just need to take the next step.

When it makes sense to reach out to me is before something bad happens and you want to keep something bad from happening.

  • tll/I work with small businesses in many areas, but security is one of the biggest ones, so when you get to the point where the next step is beyond your capabilities – that's where I show up.

I also do audits where I'll just sit down and ask you what you have, what do you do, how do you secure it, and we can form a plan of the next steps.

Any IT company that's worth talking to is not going to give you a hard time for wherever you are.

  • They might be able to identify some big holes, but if they give you crap, go talk to somebody else. Don't be ashamed. Don't be embarrassed. Take the steps you need to protect your business and your family.