Cybercrime is a serious concern for business owners. IBM Chair, CEO, and President, Ginni Rometty, called it “the greatest threat to every company in the world.” According to Juniper Research, by 2019, cybercrime cost businesses a staggering $2 trillion.
It’s impossible to put a dollar value on what your customer data is worth – or the cost to your business should sensitive data be compromised by theft or loss. For many small companies, a security breach could mean the end of the business.
If you don’t already have a data security plan, these tips will help you prevent a devastating loss.
Protect your company’s information assets
Given what’s at stake, every company should prepare a data security plan that identifies their information assets – hardware that stores private customer and employee information. Your plan should also outline potential threats to keeping information assets safe and strategies to protect them.
Your information assets may include the following:
- mobile phones
- USB keys
- fax machines
- employee devices used for work
In addition to inventorying information assets with descriptions and serial numbers, your security plan should outline your strategy for protecting data by asset, prioritized by severity of loss in a security breach.
A cybersecurity self-assessment can help you determine the strength of your internal cybersecurity processes – a helpful starting point to develop your company’s security plan.
Move to cloud-based storage
Storing company data in the cloud is one way to minimize the risk of customer data loss by keeping sensitive information off devices.
Cloud storage providers offer secured data centers, encryption, and authentication for your company data, as well as trained professionals working around the clock to keep your data safe from cyber-attacks.
Another benefit to cloud-based storage is that employees can log in securely to access customer information – a much safer option than transferring data over email or downloading it to computers, laptops, or mobile devices.
Set rules for company devices
Many small businesses rely on tablets and mobile phones to conduct day-to-day operations. Unfortunately, these company devices seriously threaten customer data if lost, damaged, or stolen.
Protect customer data with encryption, and be sure to install tracking software, update anti-virus protection regularly, and wipe data remotely from lost or stolen devices.
Talk to your employees about the importance of keeping customer data private and secure, and consider implementing these security guidelines:
- All employee passwords should be unique, difficult to guess, and re-set frequently
- Files should not be downloaded from the cloud to company devices, nor should apps that may carry malicious codes or security flaws
- Personal devices should not be used for work
Limit customer data access
Ensure only employees who need access to customer data to perform their jobs have access. Take advantage of software settings that “lock” customer data by user and disable access rights whenever employees retire or move on to a job at another company.
By following these guidelines, you can rest easy knowing you’ve taken the necessary steps to keep your customer data safe – and your business safe from a devastating cyber attack.