Often times, workers at small businesses juggle an array of jobs within a company. Maintaining the company’s online presence is an example of a task that can be performed by a marketing or operations specialist or can even be handled by the owner.
Better Business Bureau wants to make sure your business is taking the necessary steps to protect your company from cyber thieves who have the ability to exploit system weaknesses and access sensitive data with just a few clicks of a mouse. According to the Federal Communications Commission, theft of digital information has become the most commonly reported fraud, more so than physical theft. Even if you don’t have the resources to hire a full-time security expert, every business has the responsibility to create a culture of cyber safety to enhance business and consumer relations.
A study administered by the Ponemon Institute found that more than half of American small businesses surveyed experienced at least one data breach last year. Of those companies, only 33% notified customers after the breach that personal data that may have been compromised. Follow these steps to protect your company, your customers and their personal data.
1. Data Encryption – Assume cyber thieves will hack into your business system. These type of thieves can expertly determine your system’s weaknesses. Protect information, computers and networks with firewall software that is updated and tested on a regular basis. Having the latest security software, web browser and operating system can be the best defense against viruses, malware and other online threats. Ensure work-from-home employees are also protected by a firewall.
2. Insider Threats – Internal employees can be one of the main causes of data breach occurrences. All personnel working for your company should have a background check performed. The Ponemon Institute found lost or stolen technology, including laptops, hard drives or smart phones with confidential information was one of the main causes of small business breaches. Employee mistakes were also a common cause. Train employees in security principles, including developing strong passwords and requiring them to change their password every three months. Multifactor authentication can also be useful.
3. Have a Contingency Plan – When a data breach does occur, have a response plan in place. Make a list of contacts to notify first, including credit monitoring companies, lawyers and communication agents. The plan should identify who has access to certain information, how data is stored and how it is backed up. Responding as soon as a breach has been identified can help control potential damages.
4. Insurance Coverage – Business owners believe it can’t happen to them, but cyber crime is a real risk. Contact a third party insurance agent to create a plan to protect your business against cyber threats.
5. Have Backups in Place – Regularly backup data on all computers at least weekly. Store information offsite or in the cloud, which is becoming increasingly popular with businesses. The most critical data includes human resources files, accounts payable, and other financial files.
6. Keep Security Information Private – Don’t share information about your company’s cyber security. Criminals can and will use any public information about a security system to get around it. Also, avoid promising consumers their information is absolutely safe with the company. There is always a slight chance someone may misuse it or it may be stolen.
The FCC provides small businesses with a free step-by-step planning guide that helps companies create a cyber security plan to help protect against threats.
For more information on staying safe online, visit our BBB data security tips.