
Apr
21
Data Breach: Coming to a Small Business Near You
Data Breaches, cyber attacks, and identity theft seem to be the hot topics in the news recently. Retailers such as Target and TJ Maxx have both been in the spotlight for security breaches, and experts say small business owners who don’t make protecting customers’ personal information a top priority could find themselves in big trouble.
Will Pelgrin, president and CEO for the Center for Internet Security, recently spoke to Businessweek, saying, “I don’t know how small and medium-sized businesses could survive something of that magnitude.”
The online news source Mashable, recently reported that, for businesses and organizations, especially those of the small-to-medium variety, the need for security vigilance and data protection is as vital as it’s ever been.
In fact, it’s estimated that cyber criminals steal $1 billion every year from small and medium-sized businesses in the U.S. and Europe. It has also been estimated that it costs businesses $188 per record lost. (Business News Daily).
Not to mention, your customers will most likely deem you unreliable and discontinue using your goods or services.
One problem is that many think that because of their size, small businesses aren’t a target of cyber criminals. “We tend to think that it won’t happen to us because we are too small, and that they are really looking at the larger (companies), and that’s not the case,” Pelgrin says. “Everyone is under constant attack at this point.”
So What Can I Do to Protect Consumer Data?
Below are tips from the Center for Internet Security:
- Secure your environment. Bring your hardware, software and network up to the highest level of security. Most new hardware and software doesn’t always have the latest security measures on them. It is critical that businesses check each piece of equipment and download all the latest security patches. In addition they suggest all the security settings should be turned up as far as they can be without hindering operations.
- Educate Employees. Train workers regularly to identify and avoid such common scams as phishing attacks, says Will Pelgrin, chief executive of the nonprofit Center for Internet Security. Establish a written security policy that governs employees’ day-to-day activities on company computers and accounts so they don’t inadvertently invite intruders into your network.
- Protect Your Cloud. Now as companies move their data to offsite storage they should be sure that the data in the cloud is protected. It’s suggested that companies use an offsite data-backup provider to keep the data encrypted in more than one location to and make sure security is strong enough for intruders not to get in. Ask questions before hiring a cloud service provider, Pelgrin says: “What measures are in place to protect data? Who has access to the physical machine hosting your data? Where is that machine located?”
- Data Breach Insurance. Yes, we know what you’re thinking. Another insurance policy? However, during the past few years, data breach insurance has become more readily available. Most of the time, the coverage comes in two parts. Lynn LaGram, the Vice President at The Hartford, a small business insurance agency says, “The first part covers the response expense and can pay for things such as notifying customers after a breach occurs, setting up credit monitoring for effected customers, hiring a public relations firm to help repair reputational damage and hiring legal and forensic experts to assess whether a breach did occur and where it came from. The second part of the coverage kicks in and covers the business if any lawsuits that may be brought against them by consumers who have had their information stolen.
By: Lauren Rockwell, a business writer and works on the marketing staff at Liberty Capital Group, Inc. She writes about the latest business trends and industry conditions from tax laws to the latest financial trends. Her blogs are intended to offer accurate and concise advice to readers.