Cyber crime is a serious concern for business owners. Recently IBM Chair, CEO, and President, Ginni Rometty, called it “the greatest threat to every company in the world”. According to Juniper Research, by 2019 cyber crime will cost businesses a staggering $2 trillion.
It’s impossible to put a dollar value on what your customer data is worth – or the cost to your business should sensitive data be compromised by theft or loss. For many small companies, a security breach could simply mean the end of the business.
If you don’t already have a data security plan in place, these tips will help you take steps to prevent a devastating loss.
Protect your company’s information assets
Given what’s at stake, every company should prepare a data security plan that identifies their information assets – that is, hardware that stores private customer and employee information. Your plan should also outline potential threats to keeping information assets safe, and strategies to protect them.
Your information assets may include:
employee devices used for work
In addition to inventorying information assets with descriptions and serial numbers, your security plan should outline your strategy for protecting data by asset, prioritized by severity of loss in a security breach.
This free cybersecurity self-assessment can help you determine the strength of your internal cybersecurity processes – a useful starting point to develop your company’s security plan.
Move to cloud-based storage
Storing company data in the cloud is one way to minimize the risk of customer data loss by keeping sensitive information off devices.
Cloud storage providers offer secured data centers, encryption, and authentication for your company data, as well as trained professionals working around the clock to keep your data safe from cyber attack.
Another benefit to cloud-based storage is that employees can log in securely to access customer information – a much safer option than transferring data over email or downloading to computers, laptops, or mobile devices.
Set rules for company devices
Many small businesses rely on tablets and mobile phones to conduct day to day operations. Unfortunately, these company devices pose a serious threat to customer data if they are lost, damaged, or stolen.
Protect customer data with encryption, and be sure to install tracking software, update anti-virus protection regularly, and wipe data remotely from lost or stolen devices.
Talk to your employees about the importance of keeping customer data private and secure, and consider implementing these security guidelines:
All employee passwords should be unique, difficult to guess, and re-set frequently
Files should not be downloaded from the cloud to company devices, nor should apps that may carry malicious codes or security flaws
Personal devices should not be used for work
Limit customer data access
Ensure only employees who need access to customer data in order to perform their jobs can do so. Take advantage of software settings that “lock” customer data by user, and disable access rights whenever employees retire or move on to a job at another company.
By following these guidelines, you can rest easy knowing you’ve taken important steps to keep your customer data safe – and your business safe from a devastating cyber attack.