Data protection is more important than ever today for small businesses. Large corporations and governments were once the favored targets for hackers but those days are gone. The availability of hacker starter kits, easily purchased on the dark web, has given rise to a new breed of hacker who, while not as tech savvy, can cause just as much havoc.
These new hackers don’t attempt to breach the cyber defenses at Microsoft or Marriott. Those companies have armies of highly trained cybersecurity workers having learned their lesson from previous breaches. Today’s hackers are increasingly targeting smaller businesses and institutions who are lucky if they can afford one full-time cybersecurity person.
There are, however, some simple steps a small business can take to make their cyber defenses stronger without breaking the bank.
1. Conduct a Data Inventory
What kinds of sensitive data do you need to protect? Do you have customer data – credit cards, social security numbers, addresses, medical information – as well as sensitive employee information like payroll and bank account data?
2. How is your Data Protected?
It would be simple to protect your sensitive data if it all resided on one computer that was never connected to the internet or another computer. If, like most businesses, however, your data is shared on a network, there are several questions you need to ask. Who has access to that data? How is it accessed?
4. Create Layers of Security
Don’t just rely on passwords to protect your data. You are giving the hacker only one lock to pick before he can access your most sensitive information. Establish layers of security where access to the system is limited to what people need to know. Consider prioritizing your data into categories like “internal use only,” “sensitive,” and “highly classified.”
5. Encourage Everyone to Report Losses Quickly
Embarrassed or upset over a security lapse they caused, it’s perhaps understandable that an employee or contractor would want to hide it. This attitude can cause untold damage. Not only does it leave the problem unresolved, it leaves the door open for hackers to wreak even more havoc. Encourage everyone, staff and contractors, to report breaches immediately.
Our CyberSAFE training certification program is aimed at helping non-tech employees learn to spot common cybersecurity risks. Learn how you can make your workers the first line of defense here.