What small businesses need to know about data security
Does your company have sufficient safeguards in place to protect client, employee, and company data? Donna Dietz, president at CMIT Solutions, states that hackers prefer small to medium size businesses. Why? These businesses do not have the level of data security larger companies have, but they still have valuable data that can be sold. In a Forbes article Are You Prepared? Record Number Of Cyber Attacks Target Small Business, Cheryl Connor shares that small businesses can also be used as a stepping stone into larger companies. Per a study performed by Verizon, in 2012 seventy-one percent (71%) of the data breaches studied were small businesses with fewer than one hundred employees. The Verizon study in 2013 showed this disturbing percentage to be increasing. The scary part of all this is that a data breach is often the beginning of the end for small businesses. Now that the seriousness of the issue is sinking in, what needs to be done?
Your Part in Data Security
- Evaluate what you have. Below are some important tips for protecting your small business data by Business Bee:
- Does your company use the cloud? Who is responsible for data breaches here?
- Does your company policies cover, Bring Your Own Device (BYOD)?
- How is your data stored, moved, and disposed?
- Don’t forget to review how paper is handled in your company.
Another area to evaluate is your payroll. If this is outsourced how is your employees’ information being kept safe?
- Know your legal obligations. If you are accepting credit cards you are required to take steps to secure this information. Visit the PCI Security Standards Council website for details on data security, https://www.pcisecuritystandards.org/
This should be taken a step further, by reviewing agreements with outsourced companies, the cloud, subs, and company policies for employee responsibilities.
- Now that you know what you have and your legal responsibilities, it is time to take action.
- Weaknesses will need to be corrected.
- Areas of legal liability for which your company has no control (such as in the case of outsourcing) need to be addressed.
- Employees need to be informed and trained.
- Once the company’s security is up to par, the work is not done. Procedures need to be put in place to continuously evaluate the company’s security. Remember to let your guard down is a major weakness which has already put so many small businesses out of business.
More Information On Data Security for Small Businesses
Check out these sites for more information.
- The Better Business Bureau (BBB) is a great resource for evaluating and putting together a plan.
- National Institute of Standards and Technology Report on Small Business Information Security
- S. Small Business Administration – 4 Ways to Safeguard and Protect Your Small Business Data
- Forbes – Are You Prepared? Record Number Of Cyber Attacks Target Small Business
- NYC Business Solutions’ How-To Guide for Cyber Security