Small businesses typically are not as focused on data security as are larger corporations. Some small business owners believe that locking up their storefront is sufficient protection against theft of important data. Others assume they are better protected than they really are, because they lack in-house experts to advise them otherwise. Still others may suspect they should be doing more, but do not know where to access the information needed to secure their data.
The Better Business Bureaus has launched a new national education initiative to help small business owners improve their security and privacy readiness in a climate of data exposure risks. Small businesses are a strong part of the economy, so their vulnerabilities can have wide-ranging implications. Business owners of all sizes need to be vigilant in protecting their customers, their employees and themselves.
Entitled Security & Privacy – Made Simpler™, the BBB's initiative offers small businesses a non-technical roadmap for securing their data. The national program includes free, easy-to-read security and privacy toolkits that are accessible online at: www.bbb.org/securityandprivacy. A customer data protection toolkit is available now, and the employee data toolkit will be released in the fall.
Small business owners may also visit the site to view a downloadable 'webinar' featuring key topic experts, and receive ongoing updates about new security and privacy developments that affect small businesses.
The Security & Privacy – Made Simpler™ initiative is specifically designed for small business owners. Complex and cumbersome concepts have been converted into manageable action steps. Included are:
- Illustrations of low-tech and high-tech data theft, from dumpster diving and employee theft to phishing and hacking…and steps for prevention;
- Checklists for everyday security practices, such as restricting access to sensitive records, keeping e-mails free of personal information, and training employees on privacy and security policies;
- Common sense advice, such as "if you don't absolutely need a piece of customer information, the best policy is, don't collect it," and "if you possess customer data you no longer need, discard it - securely;" and
- Practical guidance on whom to notify in the event of a data breach, from law enforcement to potentially-exposed customers.
The initiative was developed in partnership with national privacy and security experts and is supported by IBM, Visa U.S.A., Equifax, Verizon Wireless, The Wall Street Journal, eBay and PayPal.