Is Your Business Underprotected?

by Jeremy Johnson | Jan 28, 2020 4:53:49 PM

As a business having your
customers’ trust is essential. One way to earn and keep that trust is by protecting
their personal and financial information.  Unfortunately, businesses are suffering data
breaches at an increasing rate, with more than half of all small
businesses experiencing a breach within the last year. According to insurance
carrier Hiscox, 4 in 10 have experienced multiple incidents.

“Attackers are getting smarter,
attacks are occurring faster, and incidents are becoming more complex,”
cautions Justin Fier, Director of hyper-intelligence and analytics at cyber
defense firm Darktrace. It’s obvious why protecting your business network is
essential. But unfortunately, 66% of senior decision-makers at small businesses
still believe they’re unlikely to be targeted by online criminals. That’s according
to Keeper Security’s 2019 SMB Cyberthreat Study. The result is too many companies
are under-protected and their customers’ information is at risk.

If you collect data that can be
linked to a specific customer, computer, or device, it is personal data and
needs protection. Pay attention to how you store and share sensitive data such
as social security numbers, credit card or other financial information, and
location data. The questions you should be asking yourself are:

  • How do we collect data?  (e.g., via email, regular mail, online
    collection.)
  • Where is it stored? (e.g., PCs, networks, mobile
    devices, USB sticks, cloud service providers, file cabinets.)
  • Who has access? (e.g., all employees or only
    employees who need it, vendors, contractors.)
  • Who is it shared with? (e.g., advertisers and
    marketers, business partners.)

When asking these questions, examine
precisely how your business avoids putting customer information at risk. Also,
be sure to gather and store only the data necessary to run your business and
meet legal requirements. You may be able to eliminate unnecessary data by simply
changing default settings in online forms or database software.

Whether or not it’s legally
required for your business, it’s a good idea to develop and maintain a
comprehensive privacy policy. Your customers have a right to know what privacy
protections they can expect when they interact with your business online.  Even if you’re not processing sales
transactions on your site, you may be collecting your visitors’ personal data
to generate leads, make appointments, manage newsletter subscriptions, or to
share with advertisers. You’re probably using web analytics to gather data to
optimize your website’s performance. 

To make choices about your personal privacy and keep your data safe and secure use these digital literacy tips. For more on how to make sure your business complies with privacy laws, including GDPR and COPPA, follow these tips. Check out the National Cyber Security Alliance’s tips for businesses. You can find more data security tips from the BBB at “Data Security – Made Simpler.”

Subscribe Now

Posts by Topic

see all

Additional Reading