It’s not just big businesses that attract hackers and cyber-crime—security breaches are a worrying trend for small businesses. A number of unsavory characters are looking to profit from enterprises that may not have the budget or the knowledge to fully protect their organization and its data.
While cyber-attacks remain prevalent among larger corporations, more and more small businesses are falling victim to fraud and security breaches. In fact, 87% of small companies have dealt with a security breach since 2012, and many found that it was a case of ‘too little, too late’ when disaster struck. So what can you do to protect your small business against this growing concern and minimize the risk of a data breach?
Put a high price on sensitive data
While there is no need to keep endless records of credit card details and passwords, many companies must keep a small proportion of data for use in chargebacks and refunds, leaving them prime targets for hackers looking to get their hands on this sensitive material. Whether you process transactions online or offline, handling sensitive data in compliance with PCI Data Security Standards is essential, both to protect the information a customer gives you during the payment process and to safeguard your business’s reputation as a trusted brand in the long run.
Using SSL is of utmost importance when handling sensitive data as a merchant. Ensure each transaction is secured by the encrypted connection that SSL provides.
Be vigilant with new employees
Keeping your in-house network full of people you trust is also an important part of maintaining the appropriate level of data protection for secure online and offline transactions. When inviting new employees into the fold, background checks must be carried out thoroughly if their role is to handle your customers’ sensitive data. Unfortunately, employee fraud is a common occurrence in many business environments, so make sure you enlist a workforce you and your customers can trust.
Review your data storage and disposal policy
Implementing procedures throughout your company when it comes to the correct storage and disposal of documents is highly recommended, especially when handling paperwork that contains sensitive information. Never throw sensitive data in the bin; apart from this being a clear breach of PCI Standards, it can also lead to your valued customers’ information falling into the wrong hands. Ensure every employee has their own shredder and shred everything to be on the safe side.
The same applies when photocopying sensitive paperwork. Photocopiers tend to store scanned information on their hard drives, so ensure this storage is fully encrypted and overwritten to make the data unreadable.
Remember: prevention is better than cure
When protecting your data, either online or offline, it is important to put a strict company policy into place to ensure you take all the necessary steps to protect your data and minimize fraud. Enlisting an information security specialist to assist you in your mission is advisable. Using services such as penetration testing, security auditing and training, these ethical hackers can assist you in securing your business, website, and information security practices.
Published: January 17, 2014