How Secure Are You? | Analyzing Your Small Business Data Security
Data security, cyber security, data privacy… whatever you want to call it, it’s a big topic – and it’s probably often on your mind! Security and data breaches dominate the news these days from national security concerns to corporate hackers. These stories get us thinking about how to scale down these security procedures to our own small business size, to give us and our customers peace of mind.
Why It Matters to your Customers
Business is build on trust. And customers want to know they can trust you with their data. In a world full of options, both online and offline, trust is a precious commodity that you have to earn and keep. Recklessness with data can drop your customer retention rates and ultimately cost you business.
The key is in proactivity. You want to have a handle on your data – to know what you have, where it is, and how it is secured. If a breach does happen, your customers’ confidence in your brand will be directly related to the policies and plans you have in place. The faster and more transparently you can recover, the better.
Why It Matters to You
No matter how small, or big, your business is, data security breaches can have legal, financial, and customer loyalty implications. A Kaspersky Lab report noted that such breaches cost small businesses on average $38,000 and in almost half of those cases, businesses had to disclose the information to their customer base. About a quarter of those were required to make it public, through the media. These numbers are reminder to be proactive, to prevent any breaches and to mitigate the damage after one occurs.
In addition, new laws are clamping down on data collection and security measures. For example, the GDPR (General Data Protection Regulation) will go into effect in May – and will directly impact any small business targeting customers in the EU.
The Four P’s of Proactive Data Security
We talked with our friend and colleague, Ed at Kingfisher Technologies, about the basics of data security. If you are feeling overwhelmed or aren’t sure where to start, here are a few things to think about today.
-
- Passwords
Simple, but often overlooked, passwords are the first step in your security plan. Make sure you aren’t using the same one for everything. Ed recommends a password manager that lets you create unique and difficult passwords, and stores them for you. - Patches
This applies to everything from your website to your computers. Double check that patches are up to date, on all layers. While this can’t protect you from all data breaches, external breaches often start with these vulnerabilities when patches aren’t properly applied, Ed says. Check with your webhost and other external entities to see what their policies are. - Permissions
Ed talks about the Principle of Least Privilege. In other words, you only give as much access to any person as is necessary, and no more. If a person needs editing permission, don’t give them full administrative rights, for instance. - Proven Plan in Place
Before a security breach occurs, have a plan in place. Ed recommends actually testing that plan as well. It’s fine to have some steps in mind, but until you test them, you won’t know how well they will work in a data emergency.
- Passwords
The Time for a Data Audit Is Now
If you are unsure about what needs to be put in place or where to start with tightening up your data security, the time is now. As new laws such as the GDPR are put into place, more scrutiny will be applied – and customers will expect more proactivity from the businesses they do business with. Contact Josh today for a FREE one-hour consultation to find out where you are with data security and put together some actionable next steps.