You’ve probably heard about the recent Sony Pictures breach, in which hackers made a wide range of confidential company information public, including financial data, inflammatory emails and more. In light of this and other attacks, many businesses are redoubling their efforts to protect consumer and financial data from cyber criminals.
While security is essential for firms of all sizes, small businesses should be particularly vigilant to the devastating effects of a data hack. In fact, a 2009 study claimed that 40 to 60% of small businesses never reopen after suffering a security breach or other disaster.
Here are a few tips and best practices you can use to protect your business’ data.
Using good password practices is crucial to keeping your business’ data safe. In addition to creating original, complex passwords for every account, you and your employees should take care to change passwords at regular intervals, typically every few months. For the best results, opt for passwords that feature capitalized and lowercase letters along with randomly interspersed numbers and special characters.
Have trouble remembering passwords that are too obscure? Consider creating a password in which each letter represents a word in a phrase. Using mnemonics is a great way to avoid confusing passwords if you have a wide range of accounts to protect. Another option is password-management software; a list of options for password managers can be found at PCMag.com.
Of course, even the most complex passwords may not be enough to protect you if your software is hopelessly outdated. Remember to download security updates for your computer at regularly scheduled intervals. As a small business owner, use security programs to safeguard your data and e-commerce site, including anti-virus programs or encryption utilities for sensitive information.
A good and regularly updated anti-virus program can help prevent infection by viruses and malware. Encryption software can secure a small business’ most sensitive information by using algorithms to alter data so it can’t be read without a password. If your business does not currently encrypt sensitive information, such as consumer credit card numbers and other personal data, consider doing it as soon as possible.
Once you’ve uploaded the necessary software programs, be sure to update them regularly to guard against the latest threats.
Wireless Network Security
Almost every company relies on a wireless network to get online and conduct business. And while it’s great to not have your computer tied down by a cord, wireless networks are popular targets for hackers and cyber criminals.
To protect both your business and your employees, use your router’s strongest available encryption standard, and protect both your router and Wi-Fi access with passwords. Along with stopping random users from stealing your Wi-Fi, passwords can prevent hackers from hijacking account information, files and even consumer financial information. As an added measure, businesses can disable the SSID broadcasting function on the wireless router in order to hide their networks from cyber thieves.
Cloud Network Selection
Cloud storage enables businesses to store a huge quantity of data online. And while the cloud makes it easy to share files and documents with fellow employees, it also affords hackers one more place to find your private information. For best results, choose a cloud service that limits file access to vetted employees, and only share documents that contain no essential or confidential information. For example, it would be prudent to abandon the old practice of using customers’ Social Security numbers as identifiers in favor of a new record-keeping format free of sensitive information.
Additionally, if confidential information must be kept in the cloud, make sure that it is both encrypted and password-protected. Fortunately, a number of cloud-storage providers offer both encryption and decryption of your files as part of their service contracts.
Named for its founders (Europay, MasterCard and Visa), EMV refers to a sophisticated payment system that utilizes microchips embedded on credit cards to process transactions and protect a cardholder’s data. Because account information is encrypted with EMV, both merchants and consumers enjoy a reduced risk of fraud by adopting this new technology.
If you haven’t yet migrated your small business payment system to one that accepts EMV cards, you may want to consider prioritizing this in the next few months.
Liability for fraudulent credit-card payments currently falls on banks and credit unions. But as of October 1, 2015, business owners who don’t accept EMV transactions can be held liable for fraudulent charges until they adopt EMV-capable hardware. This legal switch can be a serious weight on the shoulders of cash-strapped small businesses. As such, if you want to keep your business above water, consider making the move to EMV sooner rather than later.
Keep Your Small Business Safe in 2015 and Beyond
Just because the business that you own and operate can be called “small” doesn’t mean you won’t be the victim of a security breach. On the contrary, lacking a sophisticated security system can make your company even more attractive to hackers and data thieves. From payroll data, to customer lists, small businesses in particular need to take steps to preserve their interests by protecting sensitive data.
Invest your time and money now, so you don’t have to give it away in the event of a breach.