Small Business Security: Simple Safeguards Make A Difference
With malicious online incidents so often in the news, it’s easy to forget that some data breaches are caused by slip-ups in the workplace; forgetting to back up data, using unsecured recycling bins and not having rules regarding proper document management and information security when working remotely.
For a small business with a limited security budget, that should be both a concern and a relief. While the risk of a small business data breach remains high, there are simple and effective safeguards that can be put in place.
Unfortunately, information thieves steal an estimated $1 billion (over £650 million) every year from small and medium-sized businesses in Europe and the US, according to an article at Mashable.
While the fifth annual Shred-it Security Tracker shows that only 10% of SMEs in the UK believe that a data breach would seriously impact their organisation, research has put the average cost of a breach to SMEs at up to £115,000 - enough to put many smaller companies out of business.
The Security Tracker also shows that only just over a half (54%) of small business owners have a protocol for storing and disposing of confidential information that is strictly adhered to by employees. The rest have either a protocol that not all employees are aware of (14%), have no protocol at all (27%) or don’t know if they have one (5%).
Here are some simple best practice ideas to protect your business:
On-Going Training. All employees need to understand why security policies and procedures are in place and exactly how to follow them. Security awareness training can be as simple as regular staff meetings where employees are updated about information security and taught the safest ways to share critical information online and handle confidential information outside of the office.
Secure Mobile Data. According to an article on Business News Daily, while nearly all small businesses have cybersecurity systems installed on their company’s desktop and laptop computers, only 60% have the same protection on their tablets and smartphones. One easy step to secure mobile data is to encrypt BYOD (Bring Your Own Device) devices with password protection. Use other tools to block malware and detect cyber-attacks.
Response Plan. Everyone needs to know what to do if a data breach occurs. Here is an example of a free Security Breach Response Plan from the International Association of Privacy Professionals.
Sweat the small stuff. According to Shred-it’s Small Actions for Big Wins data security checklist there are many commonly overlooked information security practices. For example, a business should provide lockable containers for unwanted confidential documents, employees should regularly change their passwords, and there should be document management procedures for storage and disposal.
Small businesses can reduce the risk of printed information falling into the wrong hands with these document destruction tips.
Join the conversation on information security with Shred-it on Twitter @Shredit_UK