But the unfortunate reality is, small businesses are often easy targets for hackers. The hackers in the in the 2013 Target attack actually got in through a small HVAC company. Hackers know that small businesses don’t have a lot of resources to dedicate to data security – certainly not as many as enterprise organizations. And they will use that to exploit you.
Don’t believe us? Take a look at these two stats from August 2015:
Scary stuff, right?
Get the right systems in place and keep them up to date
At a MINIMUM, you should have a firewall, an antivirus program on all computers, passwords on all computers and programs containing company data, and a system that monitors your outbound internet connections.
But a firewall and an antivirus program installed 2 years that hasn’t been touched since isn’t doing much to protect you from the latest threats. Hackers and threats to your data security are constantly evolving – and your data security needs to evolve with it. Your data security programs need to be regularly updated and constantly running to keep you protected.
If this sounds too expensive and too cumbersome to manage on your own, you may want to talk to your IT company about security as a service. This treats data security services as an always-on, constantly monitored service, generally paid for with a monthly fee. This means your systems should be protected against the newest threats – and a monthly fee is usually more affordable for small businesses than the large expenses that come with replacing your firewall.
Ultimately the biggest threat to your company isn’t an outside attacker – it’s your employees. No, we don’t mean your employees are stealing your data to sell on the black market.
But most data breaches are caused by human error: someone opening a malicious email or clicking a bad link or losing their phone or getting a virus on their work laptop while working at home and bringing it inside your network.
It’s vital for all employees to be trained on data security policies and best practices. Employees must understand what they need to watch out for and why. All it takes is for one employee to click on a bad link for your company’s information to be compromised.
There is never a 100% guarantee when it comes to data security (any vendor who tells you differently is either lying or doesn’t know what they’re talking about) – but with up to date systems and a vigilant workforce, you can get much, much closer.
If you have any questions about data security, please contact us!
__
[1] Symantec Intelligence Report: August 2015
[2] Symantec Intelligence Report: August 2015