Data Security Guidance for Small Businesses

April 13, 2017 Off By Hoofer
With high profile cyber attacks occurring on a regular basis, people who run small businesses are becoming increasingly concerned about their data security processes. For regulated businesses, there is a requirement to provide evidence that the company complies with the minimum requirements. For small businesses that don’t have the same level of scrutiny as the larger, highly regulated businesses it can be harder to find support and guidance on responsibilities. 

However, businesses of all sizes must start paying more attention to the threat of cyber attacks, given that the type of businesses that criminals are targeting varies from a small start-up business to a global company that is a household name. Recently we have seen numerous cyber attacks hitting the news headlines, such as payday loan company Wonga who was subjected to an attack, leaving 245,000 customers affected. 

Wonga is certainly not the first big company to be targeted, and they certainly won’t be the last. Just last month, there were reports of a highly sophisticated phishing scam that managed to con two large US-based companies out of around $2m over a prolonged period. We’ve also heard about the giant companies PayPal and Twitter being affected by hacking. 

For some small business owners, they read these headlines, and falsly believe they are safe because they are not a million dollar company. To an extent, this is correct, as criminals are most likely going to target companies with a high ROI and can turn a hefty profit. However, it is better to be safe than sorry, and not worth the risk. 

In fact, there are increased numbers of reports regarding small businesses and even household devices being targeted through Ramsonware and other scams. So, if you own a small business, you have to be aware of the dangers, and you have to take the necessary measures to protect your data. If you collect information regarding your customers, you have a responsibility to protect that data. 

Some of the measures that you should be looking at are: 

Educating employees – If you have multiple employees that have access to data, they must be trained to understand the risks and measures that must be taken when protecting data. 

Firewall/Software – Investing in increased system security is one of the best ways to protect data, so depending on how you use your systems, you should look into increasing the security that protects your data. It may even be worthwhile getting a security consultant to advise you. 

Encryption – If you are sending out emails with any customer data, you need to protect the content through encryption software. Always be cautious of the details that are sent in any email campaign

Advice from government – Due to the level of problems we are facing with cyber crime, the government has invested significant sums of money to help protect businesses. Visit their website for further information that can help you determine whether you need to improve your current data security policies and if so, how to do it.