Is Your Business Underprotected?

by Jeremy Johnson | Jan 28, 2020 4:53:49 PM

As a business having your customers’ trust is essential. One way to earn and keep that trust is by protecting their personal and financial information.  Unfortunately, businesses are suffering data
breaches at an increasing rate, with more than half of all small businesses experiencing a breach within the last year. According to insurance carrier Hiscox, 4 in 10 have experienced multiple incidents.

“Attackers are getting smarter, attacks are occurring faster, and incidents are becoming more complex,”
cautions Justin Fier, Director of hyper-intelligence and analytics at cyber defense firm Darktrace. It’s obvious why protecting your business network is essential. But unfortunately, 66% of senior decision-makers at small businesses still believe they’re unlikely to be targeted by online criminals. That’s according to Keeper Security’s 2019 SMB Cyberthreat Study. The result is too many companies
are under-protected and their customers’ information is at risk.

If you collect data that can be linked to a specific customer, computer, or device, it is personal data and
needs protection. Pay attention to how you store and share sensitive data such as social security numbers, credit card or other financial information, and location data. The questions you should be asking yourself are:

  • How do we collect data?  (e.g., via email, regular mail, online collection.)
  • Where is it stored? (e.g., PCs, networks, mobile devices, USB sticks, cloud service providers, file cabinets.)
  • Who has access? (e.g., all employees or only employees who need it, vendors, contractors.)
  • Who is it shared with? (e.g., advertisers and marketers, business partners.)

When asking these questions, examine precisely how your business avoids putting customer information at risk. Also, be sure to gather and store only the data necessary to run your business and
meet legal requirements. You may be able to eliminate unnecessary data by simply changing default settings in online forms or database software.

Whether or not it’s legally required for your business, it’s a good idea to develop and maintain a
comprehensive privacy policy. Your customers have a right to know what privacy protections they can expect when they interact with your business online.  Even if you’re not processing sales
transactions on your site, you may be collecting your visitors’ personal data to generate leads, make appointments, manage newsletter subscriptions, or to share with advertisers. You’re probably using web analytics to gather data to optimize your website’s performance. 

To make choices about your personal privacy and keep your data safe and secure use these digital literacy tips. For more on how to make sure your business complies with privacy laws, including GDPR and COPPA, follow these tips. Check out the National Cyber Security Alliance’s tips for businesses. You can find more data security tips from the BBB at “Data Security – Made Simpler.”

Subscribe Now

Additional Reading