Small business security breaches are becoming increasingly common—at a steep cost to unsuspecting business owners. Read on to learn how you can better protect your business and lessen the risk.
Implications of a breach:
Knowing the implications of a security breach can help you understand where you should focus your efforts, and to develop a plan if it ever happens to you and your business.
- 46% of cyber breaches impact businesses with fewer than 1,000 employees.
- On average, a data breach costs about $4.35 million.
- 60% of business close their doors within six months of a cyberattack.
Despite these scary stats, about half of all small businesses report that they don't use any data protection for company and customer information.
How can you get your business security practices cleaned up? As a business owner, it's important to have a detailed plan that everyone understands, not just your IT staff.
Create an employee—training plan.
- Establish basic security practices and guidelines for employees, such as requiring strong passwords and establishing appropriate Internet use examples.
- Review real-life case studies with your employees about what happens when online and digital security practices are ignored.
- Remind them of the type of business information that is considered secure or classified, what should or shouldn't be downloaded online, and how to spot fraudulent emails.
Keep your devices up to date.
Are your machines clean? Do they have the latest security software, web browsers, or operating systems? Installing the latest versions of these programs may be time consuming, but remember the most recent protections only work if you choose to use them.
If you're not updating your equipment, you're leaving your business vulnerable.
Audit employee access.
Put together an information access audit plan and create a recurring reminder to review it every few months.
For example, your audit plan might want to include reviewing which employees have access to the below areas, and granting or removing access as your business grows.
- Website and social media pages
- Bank accounts
- Network login access
- Physical access to storefront or back-office via a key or badge
- Credit cards under the business' name
Provide firewall security for your Internet connection.
A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure your operating system's firewall is enabled. If employees work from home, ensure that their home systems are protected by a firewall or provide them with equipment or software with virtual private network (VPN) access.
If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Be sure to password-protect access to the router as well.
Consider cyber liability insurance.
If you've ever been in a car accident, you know car insurance is well worth the cost. Cyber insurance is the same, and this policy can cover your business' liability for a data breach involving sensitive customer information, such as credit card and account numbers.
Other than legal fees and expenses, cyber insurance typically helps with many other things:
- Notifying customers about the breach
- Restoring personal identities of affected customers
- Recovering compromised data
- Repairing damaged computer systems
Double check your general liability insurance. There's a good chance that it doesn't cover claims related to data security. With cyberattacks and security becoming more important every year, it's better to be safe than sorry.
Do your research.
Technology may not be everyone's forte or interest, but it's a part of everyone's lives and all business environments. Protection steps will vary depending on the industry and business size, but by adopting a strong plan, you as a business owner can tackle cyber security issues smoothly and in a business-focused manner.
For more information about practical steps you can take, check out these helpful articles:
- Assess Your Business Risk—U.S. Small Business Administration
- 101 Digital Data Tips—DigitalGuardian.com
- Cybersecurity for Small Business—Federal Communications Commission