Take Security Seriously, Avoid Cost of Breaches
Bill Carey is Vice President of Marketing & Business Development, Siber Systems, Inc.
A data breach — an incident in which hackers gain access to vital commercial or customer information — can come with a big price tag for your small business. It can cost up to $200,000 on average for a small business to comply with mandatory post-breach processes, such as notifying customers, hiring outside experts to determine what went wrong, identifying company obligations after the breach, etc. And that doesn't include the expense associated with the hit to your company's reputation.
The best way to protect data at your small business and avoid the costly consequences is to do all you can to make sure a data breach doesn't occur in the first place.
Here are three strategies that can help you protect your small business from hackers:
Protect Your Passwords
Employee passwords are the top gateway for hackers. A report released in January 2013 by global consulting firm Deloitte suggests that an astonishing 90 percent of user passwords are vulnerable to hacking. Make sure you and your employees use passwords that are easy to remember but hard to guess, and change passwords frequently to reduce vulnerability.
Don't use the names of children, pets or favorite sports teams as a password — hackers can easily gain access to this information from social media sites. It's a good idea to use a combination of letters and numbers as well as uppercase and lowercase letters when creating a password. One way to incorporate letters and numbers into a password is to use numbers that resemble letters, e.g., "MLBas3ba11" instead of "MLBaseball."
Educate Employees and Provide Resources
Chances are, your employees face the same cyber security challenges at work that they face at home. If they shop online or communicate via social media, they need to protect their personal information online and there are products and educational resources to help them. The same principles can be applied to address cyber security at work.
To ensure employees safeguard your valuable business data, consider establishing an cyber safety training program that will teach your team new strategies for creating tough-to-crack passwords and instruct them on how to avoid scams like phishing (use of a ruse to gain access to passwords, account information and other vital data) and keylogger schemes (malware that allows cyber criminals to log keystrokes to access data).
Think about a software solution to address weak passwords and enable frequent changes without losing track of passwords. Any cost can more than pay for itself if it helps you avoid a hacking incident at your company.
Hold Employees Accountable
As a small business leader, you can inspire employees to improve security awareness by showing them that you take the issue seriously. You can also let employees know that you expect them to take reasonable steps to protect business information.
Consider providing education and resources to help employees manage cyber security effectively. It's also a good idea to implement a written policy that spells out how you expect employees to manage digital data and passwords. After providing employees with training on best practices and reviewing your cyber security policy with them, ask them to sign a statement acknowledging that they've completed the training, understand the policy and will comply with company directives. This approach will definitely boost security awareness.
The risks of a data breach are too serious for any small business to ignore, but you can reduce your company's vulnerability starting today. Since passwords are the primary point of risk, make secure passwords a priority. Give your employees the education and tools they need to operate securely. And establish accountability to make sure they handle your vital business data carefully. By taking these precautions, you can significantly cut your company's cyber security risk and avoid a big price tag for a data breach at your small business.
The views expressed are those of the author and do not necessarily reflect the views of BusinessNewsDaily.