While this is always on the back of your mind, it is necessary to continually evaluate and evolve your current security measures as technology advances. I would be surprised if anyone, or any business, did not back up their data regularly, have passwords on their Wi-Fi, and use anti-virus protection software. If you are not one of these people, do it immediately. Let’s review some inexpensive ways to protect your data, both yours and your customers, from breaches.
The Ponemon Institute, in its State of Cybersecurity in Small and Medium-Sized Businesses (SMB), has surveyed approximately 600 individuals in companies with a headcount from less than 100 to 1,000 participated in this research. Their findings are not atypical of what you might expect.
One particularly disturbing finding from the survey suggests an enormous increase in SMB’s being targeted by ransomware. This is a type of malicious software designed to block access to a computer system until a sum of money is paid. In last year’s Ponemon research, only two percent of respondents described the cyber-attacks they experienced as ransomware. This year, 52 percent of respondents say their companies experienced a ransomware attack. In addition, the average size of the breach involved 9,350 individual records, an increase from an average of 5,079 records the prior year.
Cause of Data Breaches
Interesting enough, respondents who say their organization had a data breach, 54 percent say negligent employees were the root cause of data. Such statistics are very enlightening. What can a typical SMB do to protect themselves? Let’s look at some of the popular options.
Create Security Protocols: Get together with your IT people, if you have them, and go over the following brief list, then incorporate into a written document.
- How often should you run system updates and scans?
- Which of your information is sensitive?
- How should sensitive information be handled?
- Which types of software protection are critical, and which are optional?
- Who should have admin privileges?
Mandatory Employee Training: As the Ponemon data suggests, your employee’s negligence is the primary cause of your data breaches. It usually isn’t their fault, as they aren’t sure what to do or how to do it. Take the policy manual discussed above and walk them through it step-by-step to make sure that they are versed on everything from emails to phishing scams.
SMB IT Challenges
As these statistics bare out, the bad guys seem to keep one step ahead of your protection mechanisms. With that said, the software that you use is updated regularly, so make sure that you are taking advantage of this.
A few other things to think about:
Make passwords long. Experts say at least 12 characters. The longer, the better, as the algorithms used by hackers are not as effective against a longer string of characters. Last but not least, back up every piece of data you could ever need. Schedule automatic backups so you can’t get behind, and store the information securely. Anything sensitive should be encrypted. Good luck, your business and customers are counting on you.