Keeping your business data safe online is a growing concern for many businesses. And it appears that small businesses are more at risk from hackers, with the latest Government Security Breaches Survey reporting that nearly three-quarters of small organisations suffered a security breach in 2015. A figure which was an increase from the 2013 and 2014 survey.
The cost of these breaches is also increasing, with the most severe breaches for a small to medium business costing over £300,000, up from £115,000 in 2014.
Aside from the trust of your customers, there is, therefore, a strong financial reason to tackle the potential problem and keep your business data safe before you become a victim.
But just why are smaller businesses so often preyed on? There can be a tendency to have lower defences, with fewer resources focussed on this area. Their customer data and intellectual property, combined with often innovative business ventures can make them an attractive target.
This is by no means to say that it is all doom and gloom. There are a few strategies that can easily be employed which can discourage hackers and help to minimize any damage that may occur.
Top data security techniques
- Make sure passwords are difficult to guess
Passwords should include upper and lower case letters, numbers and symbols. If you incorporate 10 or more characters with these characteristics then you make yourself a much harder target for hackers and help to keep your business data safe.
- More than just a password
No matter how secure you make your passwords, they are still vulnerable. A Two-Step Verification should be used wherever possible. A separate authorisation code is required in addition to the usual login if someone tries to access the services from a new or unauthorised devices. The code is most often supplied by SMS or an approved code generating app.
- Access should be limited
Ensure that staff and third parties only have access to the data that they need to do their job.
- Keep antivirus and malware software up to date
It seems obvious but do make sure to keep your software up to date. Hackers often discover new ways to bypass security features so it is essential to make sure your antivirus is as up to date as possible.
- Educate your staff
Often the weakest link in any security chain, make sure your staff know the signs of a breach and how to keep information safe. Make sure that staff are not leaving the door open to anyone that they shouldn’t and that they understand the threat of social engineering and how to spot phishing. Simple changes in staff behaviour can have a big impact here. And smaller businesses should find this easier to achieve.
- A strong IT policy
This isn’t just a formal document. It is essential for every business to create a dynamic policy that helps everyone to understand what data security means to the business and how to protect your business, whilst also outlining how to react when things go awry.
This article was written by Mike Barcroft, Director and founder of Altis Legal.