As a business, one of the biggest threats to your business is a hacker. In fact, new research shows that 75 percent of data breaches happen within small and medium-sized companies with 40 percent of small businesses being victims of security breaches.
Roughly 76 percent of those attacks were the direct result of a compromised password. The same researchers found that a stunning 60 percent of small businesses that are hit by a security attack will close their doors within 6 months.
Unbelievably, only 17 percent of small businesses take steps to protect themselves. Don’t be a victim. Here’s how to protect your livelihood.
Set Up Security Protocols And Test Your Security
If you don’t have any security protocols, obviously the first thing you want to do is set something up in your organization. Use firewalls, and virtual private networks to create a more secure environment for your employees.
Always encrypt your data. Stored data and file systems are especially important. But, don’t forget about data that’s transmitted – even if it’s done in-house across the intranet.
Encryption is essential to protect your company’s sensitive information.
On top of basic encryption, use digital certificates to sign all of your websites. Save a copy of those certs to hardware devices as opposed to the server itself (which is a major security risk and sort of self-defeating).
Using routers and load balancers as the storage makes much more sense and provides natural protection from outside threats.
Implement DLP and auditing to prevent data loss. Use file auditing to monitor file changes so that you get alerts when anything moves in or out of the network.
Restrict the use of data and files off-site. Don’t allow employees to remove media that may contain sensitive company data.
Test your system periodically using protocols similar to Sec-Tec. Basically, once your defenses are up, you want to know whether they would hold under an attack. An outside security company can help you do this.
Train Your Employees
Train your employees to use strong passwords and always encrypt the data they store or send, regardless of whether it leaves the office or not. One of the biggest gaps in your security will be employees – improperly trained employees, or employees who don’t take the security protocols seriously, could bring down your entire business.
Secure Your Facilities
Secure your physical offices or building. You should have locks on all of the doors, and access to the servers should be strictly limited. If possible, use off-site hosting so that you can take advantage of purpose-built secure datacenters.
These datacenters often employ 24/7 security with biometric locks and a gated front entrance.
Dispose Of Products Securely
When devices are no longer needed, you should destroy them in a manner consistent with best practices for data disposal. In other words, shred all documents using a criss-cross shredding pattern, wipe all hard drives and then have them physically destroyed, and use secure file deletion for any files that no longer need to reside on your computer or network.
Carolyn Skinner runs a business advisory consultancy. She always appreciates the opportunity to impart her knowledge and insights online. Her ideas and thoughts have been posted on a number of different websites.
Image Source: BigStock