Join our Waitlist for Expert Advice!

Data Protection for Small Business Protecting online transactions should be the number one priority of start-ups and businesses

By Vinil Ramdev

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

With the internet becoming a massive revolution and almost every transaction ranging from financial to signing of contracts conducted online, protecting confidential information has become very important.

Cyber crime is costing businesses millions of dollars

Large companies are known to implement stringent data security policies. Despite this, hackers have found loopholes in the system – Target, iCloud, Home Depot being examples of recent security breaches that made headlines. Small businesses can also be a target to hackers if they are not careful. Nothing is stopping the same hackers from targeting a small or medium-sized business.

An IBM-Ponemon Institute Study 2015 says that "On average, a data breach has been studied to cost $6.53 million to a company." These estimates do not cover losses to brand image and lost business opportunities. Small businesses generally lack manpower and the budget to protect themselves from hackers. According to information from Towergate, a leading insurance intermediary, the most common security risks involved in a small business set up include:

#1 Casual Stance towards Data Security

Most SMBs do not understand or realize the importance of data security. 82% of the companies believe that they aren't a target for cyber attacks as they don't have anything worth stealing. 32% of these companies also believe that a day's downtime due to an attack would not significantly affect their revenue. Malicious or criminal attacks are the leading causes of data breach and also the most expensive. These companies don't invest in fully protecting themselves and end up being vulnerable to attacks.

Solution: Start by developing a basic data security plan that not only covers data protection but also includes an action plan in case of a breach. Patch all your systems and segment your networks, secure your browsers, mandate data encryption and use an email encryption solution to protect your data.

Chip Brooks, Owner of ZixMailEncryption says, "It's very prudent for every business to use an email encryption solution to protect their data. We've seen that several small businesses are not even aware of a solution like that."

#2 No strong data security policies

A small business needs to reflect upon its own policies to see whether data security is imbibed into their work culture. Without a security policy, most businesses end up vulnerable to attacks and most of them fail to contain breaches due to non-existent post-breach policies.

Solution: Establish a data storage policy that becomes the rule book to be followed by all employees. The policy should cover data access structure within a company. Maintaining audit trails ensure accountability of who has accessed what kind of data and when. Businesses also need to understand that larger data sets increase their risk of a cyber attack. It is very important to have a policy that would ensure prompt deletion of old or unnecessary data. Limiting social networking platforms is also a key step in protecting company data.

#3 Lack of Data backing systems

62% of small businesses fail to routinely back up their data. The reasons could either be due to a lack of infrastructure or failure to conduct regular data backups. Regardless of the size of your business, data back-ups are a must.

Solution: Automate the entire process of backing up data. Apart from physical drives to store data, make use of trusted cloud services and other off-site servers to ensure data security even in cases of natural disasters, fire or theft. If companies cannot hire an IT team full time then outsourcing the service, hiring consultants or use of trusted third party systems could be an option.

#4 Internal Threats

Cyber attacks due to an employee could be intentional or just negligence. When it comes to corporate espionage all employees, whether it's the CEO of the company or your hard-working developer, need to be carefully monitored. Apart from planned attacks, employee negligence is also costing companies. Close to 77% of employees leave their computers unattended, fall prey to spam links or end up installing malicious software on their systems. And it comes as no surprise that 95% of all security incidents involve human error.

Solution: Close monitoring of employees would include checking for unusual behavior, limiting access to critical business data. Reducing security breaches due to human error should be done by educating and training employees about data security. Sean Park, Managing Partner of Sean Park Law says, "Data security is an important part of our operations. As a law firm, client confidentiality is of utmost importance. We take every step to ensure that we are up-to-date with our security policies, such as automatic encryption for online client communication."

#5 Boon and bane of mobility

With more and more companies adopting the Bring-Your-Own-Device (BYOD) system, the access points for data is also increasing. 56% of employees are known to store critical business data on their mobile devices like laptops, smart phones etc. Without proper data security measures in place, these devices are soft targets for cyber attacks.

Solution: Set up a security checklist for all mobile devices. These devices should comply with your data security policies. Encryption of all devices is a must. WiFi networks are known to permit interceptions of data, avoid using unprotected WiFi networks and apply LAN within company walls if possible.

Conclusion

In an era where data is money and cyber crime is a real threat, small businesses need to understand that the cost of data breaches is higher than the cost of implementing security systems. It's important to put some time and effort into ensuring the safety of your data.

Vinil Ramdev

Entrepreneur and Business Writer

Vinil Ramdev is an entrepreneur, business writer and marketer. He graduated with a Bachelors degree in Marketing in 2004. Since then, Vinil has been involved in starting and growing several businesses predominantly in retail, marketing, media, advertising and on the internet. His skill for seeing the big picture, and identifying trends and patterns have made him a sort-after consultant for companies who want to grow their business and make their products more discoverable. 

Leadership

4 Bold Leadership Moves Every Successful CEO Uses to Navigate Change

Ready to turn fear into fuel and lead with confidence? In this article, I share how leaving my corporate job without a plan led me to build a thriving business. Learn four bold strategies to embrace uncertainty and turn challenges into opportunities for growth today.

Social Media

Stop Chasing Algorithms — Here's How Creators Can Take Control of Their Content and Monetize on Their Own Terms

Social media platforms promise creators visibility, but the real challenge lies in relying on algorithms for income.

Business News

Meta Fires Employee Making $400,000 Per Year Over a $25 Meal Voucher Issue

Other staff members were fired for the same reason, per a new report.

Thought Leaders

These 3 Trends Will Change What It Means to Be an Entrepreneur in 2025

Here are three entrepreneurship trends from the new Global Entrepreneurship Monitor report that are changing the landscape for the future.

Data & Recovery

Train Your Company to Avoid Costly Data Breaches With This $30 Bundle

Train in the eight domains of CISSP and protect your business from growing cyber threats.