5 Tips on How to Avoid A Data Breach

Facebook
Twitter
LinkedIn
Pinterest

As a small business owner, there’s always a lot on your mind. Some of these things include delivering great customer service and keeping your products and services on the cutting edge.

This is to keep up with your competitors. But, there is yet another aspect that goes often overlooked: security. It’s always in the back of your mind, but never really gets too much attention…

Until you are actually impacted by a security breach.

Consider some of these statistics for small businesses:

  • A cyber attack occurs every 39 seconds.
  • 1 in 3 customers suffered some sort of data loss, out of a total of one 1 billion accounts.
  • It takes on average 191 days to detect that a malware attack has actually occurred.
  • The top cyber attacks for a small business (in order of prevalence) are Social Engineering, Insider Threats, and Advanced Persistent Threats.
  • Only 14% of small business owners believe that they will be able to mitigate a cyber-attack.
  • Only 39% of organizations actually keep their systems up to date with necessary software patches and upgrades.
  • Only 51% of organizations actually have a dedicated budget for Cyber security.
  • Over 60% of organizations will be out of business just within six months as a result of a cyber-attack.
  • By early in the next decade, cyber attacks will cost organizations a staggering $6 trillion, and data breaches will cost $150 million.
  • Each record of stolen data costs a small business owner about $200.00.

Clearly, these numbers are very alarming, and as small business owner, there is a lot that is stacked up against you.

One could partly assume that this due to lack of financial resources. After all, you are on a tight budget. But, there are certain proactive steps that you can take. These are detailed in the next section.

Top 5 Tips to Avoid a Data Breach

1. Collect only the needed information and data:

Obviously, when you start getting your client base established for your business, you will need to collect information and data about them. Some of this will include contact information (such as name, address, phone number, and possibly even credit card information).

The database platform in which you store all of this should not only be secured, but it is also important to keep as little personal data about your clients as possible.

For example, do you really need to store the credit card information? True, this saves time for your customer. However, if this financial data is stolen or compromised in any way, you will be held both legally and financially responsible. In fact, the average cost for a small business owner for such types of data loss is a staggering $280,000.00.

2. Make sure the passwords that you establish are difficult to be broken by a cyber attacker:

This is a topic that has been addressed in previous blogs, and yes, it still remains among one of the weakest links in the security chain for the small business owner.

It is always important to make sure that your employees are on top of their game when it comes to creating strong passwords, and that they are not sharing it with anybody else.

These standards need to be established in your security policies, and firmly enforced. Also, consider very seriously using a password manager to help create and store long and complex passwords. Make use of Two Factor Authentication (2FA), in which more than one layer of security is used to protect your company data. A great tool for this is Biometrics – either Fingerprint or Iris Recognition.

3. Make sure you use the proper levels of Encryption:

This simply means that any communications (especially that of e-mail) remains in a “garbled state” and stays that way until it is received by the legitimate party. This helps to ensure that if it were to be intercepted by a cyber attacker, he or she will be unable to decipher it.

Although this does not guarantee 100% security, the idea is that the cyber attacker will get frustrated in the time that it actually takes to descramble the message, and as a result, will move onto a much less protected target.

4. Limit network access:

For any business – large or small, the network component is at the heart of the IT infrastructure. After all, some of your servers may reside on-site, from which your employees and other related personnel (such as outside vendors and contractors) can access information and data.

Therefore, not only should you restrict the permissions in this regard, but you need to make sure that all lines of communications between the servers, workstations, and wireless devices are secure.

In this aspect, you should consider heavily using Virtual Private Networks (VPNs). Also, you need to know where all of this mission critical information and data resides on your servers. Just consider a few more statistics:

  • Only 16% of small business owners know where their structured data resides at;
  • Only 7% know the location of where the unstructured data resides at.

5. Not all Cyber-attacks target electronic data:

There is the misconception that only this kind of information is subject to an attack. But keep in mind that there are also physical documents as well, which can also be a prime target, especially for an inside attack to occur.

Therefore, make sure that the storage place(s) within your business remain secure. Allow only those employees that absolutely need access to it have the keys.

Also, if you dispose of any paper documents, make sure that you shred them first. At the present time there are no laws preventing dumpster diving, and anybody can comb through your trash receptacles that are located outside. On a side note, you may even want to consider outsourcing this function to a reputable paper shredding company.

A Good Place To Start

These tips are meant to help you get started thinking seriously about the steps that you can take to fortify the lines of defense for your small business. There are other steps to take as well, and in these instances, you may even want to consider hiring a technology consultant to help you assess as to where you stand. This may cost some money but it pales in comparison to the staggering dollar amount if you are indeed hit with a major data breach.

Sources

  1. https://itsecuritycentral.teramind.co/2017/11/21/cyber-security-facts-statistics-every-business-needs-to-know/
  2. https://www.upwork.com/hiring/for-clients/small-businesses-data-breach-protection/
  3. https://www.hiscox.com/blog/5-ways-small-business-can-avoid-data-breaches
Facebook Comments

Sign Up for our Tech Tips

Sign up for our SUPER useful tech insights and tips that get you MORE PRODUCTIVE and SECURE!
Scroll to Top