BBB Logo

Better Business Bureau ®
Start With Trust®
Central Virginia
BBB Initiative Arms Small Business Owners with the Tools to Protect Business and Customer Data
January 21, 2010

BBB’s “Data Security—Made Simpler” provides free, easy-to-understand guidance and turn-key resources
to help small business owners prevent a data breach

January 21, 2009 – Arlington, VA - Better Business Bureau and partners Symantec Corporation, Visa Inc., Kroll’s Fraud Solutions and NACHA – The Electronic Payments Association today launched a new national education initiative to help small business owners overcome any previous reluctance to taking the necessary steps to protect their sensitive customer and business data, so they won’t become the next victim of a data breach.

Data security threats affecting small businesses are both external and internal, but many owners fail to recognize the potential for a breach or take the necessary protection steps until it’s too late. The numbers:

  • 33 percent of small businesses lack even simple antivirus protection. Source: Symantec Corporation, 2009
  • 85 percent of data breaches occur at the small business level. Source: Visa Inc. September 2009
  • 78 percent of consumers said they’d stop shopping at a store if they believed the store had experienced a card data compromise. Source: National survey of cardholders, Visa Inc., February 2009

“While data breaches affect businesses of all sizes, many small business owners aren’t taking the necessary steps to create ongoing data security policies and practices, including training their employees,” said Steve Cox, President and CEO of the Council of Better Business Bureaus. “Many small business owners recognize the importance of data security but don’t understand how vulnerable they really are, may feel intimidated by the issue or think that they lack the resources to implement a sound strategy.  As a result, data thieves often target small business owners, stealing both the sensitive financial information of the business and its customers.” 

BBB’s Data Security—Made Simpler provides small and medium business owners with the guidelines and right-size resources they need to build a data security plan and put it into action right away.  BBB’s Data Security—Made Simpler includes turn-key guidance to help small business owners:

  • Identify their data loss vulnerability points – electronic and paper-based
  • Develop a data security policy that both protects sensitive data, ensures its availability and restricts access
  • Identify and deploy the right kind of tools to protect sensitive data, based on their type of business
  • Communicate their data protection policies to customers as a strategy to strengthen the business - customer trust relationship and differentiate their company from their competitors
  • Know what to do if they believe they’ve been a victim of a data compromise

In addition to providing free and easy-to-understand guidance through www.bbb.org/data-security/, the network of community-based BBBs across North America – as well as partners Visa Inc., Symantec Corporation and Kroll’s Fraud Solutions – will reach out to small businesses to encourage an increased focus on data security. 

Data Security—Made Simpler was created by BBB in collaboration with two nationally-recognized data security experts, Dana Rosenfeld and David Zetoony. Dana Rosenfeld, formally an assistant director of the FTC’s Bureau of Consumer Protection, is an attorney with Kelley Drye & Warren LLP. David Zetoony is an attorney with Bryan Cave LLP and has counseled dozens of companies on how to respond to data security breaches

For more information or to schedule an interview with a BBB spokesperson on online and offline practices small business owners can do to protect their data, contact Alison Southwick at 703-247-9376.

About BBB
BBB, the leader in advancing marketplace trust, is an unbiased non-profit organization that sets and upholds high standards for fair and honest business behavior. Businesses that earn BBB accreditation contractually agree and adhere to the organization’s high standards of ethical business behavior. BBB provides objective advice, free business BBB Reliability ReportsTM and charity BBB Wise Giving ReportsTM, and educational information on topics affecting marketplace trust. To further promote trust, BBB offers complaint and dispute resolution support for consumers and businesses when there is a difference in viewpoints. The organization is also a recognized leader in developing and administering self-regulation programs for the business community, and, with respect to the advertising industry, does that through a joint venture in conjunction with National Advertising Review Council partners. The first BBB was founded in 1912. Today, 123 BBBs serve communities across the U.S. and Canada, evaluating and monitoring more than four million local and national businesses and charities. Please visit www.bbb.org for more information about BBB.

About Visa Inc.
Visa is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories to fast, secure and reliable digital currency. Underpinning digital currency is one of the world’s most advanced processing networks—VisaNet—that is capable of handling more than 10,000 transactions a second, with fraud protection for consumers and guaranteed payment for merchants. Visa is not a bank, and does not issue cards, extend credit or set rates and fees for consumers. Visa’s innovations, however, enable its financial institution customers to offer consumers more choices: Pay now with debit, ahead of time with prepaid or later with credit products. For more information, visit www.corporate.visa.com.

About Symantec Corporation
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

About Kroll’s Fraud Solutions
Kroll, the world's leading risk consulting company, provides a broad range of investigative, intelligence, financial, security and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Kroll Inc. is a wholly-owned subsidiary of Marsh & McLennan Companies, Inc. (NYSE: MMC), the global professional services firm.  Kroll began providing identity theft solutions in 1999 and created its Fraud Solutions practice in 2002 in response to increasing requests from clients for counsel and services associated with the loss of sensitive personal information, and related identity protection and restoration issues facing organizations and individuals.  Since then, Kroll’s Fraud Solutions clients have included Fortune 500 companies, non-profit organizations, and government entities dealing with healthcare, financial services, insurance, consumer service, and any activity involving the collection and use of personal information. Kroll’s Fraud Solutions team presently serves over 10,000 businesses and millions of individual consumers.  For more information, visit: www.krollfraudsolutions.com.

About NACHA – The Electronic Payments Association
NACHA supports the growth of the ACH Network by managing its development, administration, and governance. The ACH Network facilitates global commerce by serving as a safe, efficient, ubiquitous, and high-quality electronic payment system. More than 15,000 depository financial institutions originated and received 18.2 billion ACH payments in 2008. NACHA represents nearly 11,000 financial institutions through 18 regional payments associations and direct membership. Through its industry councils and forums, NACHA brings together payments system stakeholder organizations to encourage the efficient utilization of the ACH Network and develop new ways to use the Network to benefit its diverse set of participants. To learn more, visit www.nacha.org, www.electronicpayments.org and www.payitgreen.org.