Cybersecurity for Your Business

Cybersecurity Sentry InsuranceYour data is vital for the continuation of your business whatever industry you’re in. One study found that seven out of ten small companies that experienced a serious data loss were out of business within a year. What’s more, under various federal and state laws, companies can be held liable for data breaches in customer or employee information (such as customers’ credit card numbers and employees’ medical records). In this era of growing reliance on the Internet, broadband, and mobile devices, it’s essential that you address the matter of cybersecurity.

 

Recognize the threats

Your company, employee, and customer information is vulnerable to attack or loss. It’s not a question of if there will be a problem, but rather when (48% of companies with two to 20 employees experienced a data loss in 2011). Problems come from:

  • Hackers seeking the information. They can, for example, poach customer lists and use the information to their advantage. The threat can come from outsiders; the majority comes from insiders (employees). It can come through direct access to data on your devices or through public Wi-Fi (all public access, such as at airports, hotels, and places such as Starbucks, presents a security risk).
  • Malware (viruses, worms, or other infections). These can invade your systems by accessing bogus sites, opening infected attachments, or, unfortunately, through no
  • Lost or stolen mobile devices. More than 12,000 laptops are lost at airports every week (www.ponemon.org/news-2/8) and many are never recovered. You and staff members may have confidential business information on laptops, flash drives, smart phones, and other mobile devices.
  • Disasters and accidents. Fires, storms, or other catastrophes can result in data loss. Accidental deletions are another problem.

Secure yourself

For each type of threat, you can take actions to protect your company data.

Hackers. Hackers may come from outside the company or within. To guard against outside hackers, use firewalls and complex passwords to make it more difficult to access your systems. For threats from within, such as a disgruntled or terminated employee seeking proprietary information that he or she can sell or otherwise use for self-profit, limit the ability to access and download information. Monitor employee use of computers (this does not violate their privacy when the company owns the computers) with software for this purpose.

Malware. Simple measures, such as antivirus software, antispyware, and firewalls can keep many attacks from breaching your systems. Advise employees against downloading malicious software and opening email attachments from unknown senders. “Audit” your systems regularly to check for possible infections; remove or quarantine them. Review your security measures (at least annually) and stay alert to new programs or other options to help you.

Lost or stolen mobile devices. Use antitheft products (such as LoJack for Laptops), which include GPS locators, to help find lost or stolen devices. There are similar locator options for smart phones. In case you can’t recover them, make sure that devices have password protection, including strong passwords and regular (every 90 days) replacement. You may also want to consider data encryption so that even if the password is breached, your information is safe.

Disasters and accidents. The best protection from these occurrences is to backup data. Automate this process using off-site solutions; the cost is nominal but depends on the amount of data your need to backup. Consider moving some or all functions to the cloud so that data is never stored on your devices and the need for backup is eliminated.

Finally, properly dispose of any hard drives, flash drives, DVDs, and smart phones that contain company data. Effectively erase data by running a program to overwrite or wipe the data and, where appropriate, physically destroy devices (e.g., shred DVDs).

Resources to help you craft your cybersecurity plan

You don’t have to be tech savvy or have a staff of IT geeks on the payroll to secure yourself. Here are some resources:

Conclusion

The federal government’s campaign on cybercrime has this motto: Stop. Think. Connect. Use these actions to protect your company’s information. Train employees on measures they can use to ensure that devices and information in their care are protected. Work with your Sentry agent to learn more.

 
Article provided by Sentry Insurance, courtesy of Barbara Weltman, publisher of Big Ideas for Small Business, a monthly newsletter. Barbara has been a tax and business attorney since 1977 and, through the years, has developed a reputation as an insightful source of knowledge for small businesses.
For more information, visit: http://www.barbaraweltman.com.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: