Cyber Security: Steps to Safeguard Your Business
If you’re involved in running a business of any size, there’s a good chance that you’re collecting at least some customer information and data.
But no matter how small your organization is, one of the things that you absolutely must be aware of is data security. As a business, you’re a natural target for hackers.
While we routinely hear of large companies’ customer or employee information records being breached by hackers, small businesses are not immune to the threat – if anything, they’re an easier target due to their general lack of security protocol and preparedness.
Here are some basic tips to keep in mind in order to ensure that your business is protected as well as it can be.
- Only collect the minimum amount of data needed about your customers. Never keep information like credit cards or SIN numbers on file. Should a breach occur, this reduces the potential for total disaster.
- Ensure computers are kept up to date with anti-virus and anti-malware software. There are some excellent programs out there that are built for businesses and very cost-effective for the value that they provide. Beyond just downloading the programs, it’s essential to establish a schedule of regular updates and scans – this can be set automatically within most software programs. New threats, viruses, Trojans and worms are emerging constantly, so keeping your anti-virus software up to date is an essential step towards detecting and eliminating these ongoing viruses.
- Make use of strong passwords. Your passwords should be strong for your personal online activities, but this holds even more importance in your business dealings. If passwords are simply a short string of lower-case letters, for example, they can be “brute forced” by anyone with enough computing power – that is, solved by an automated script trying every possible combination. To protect yourself against this, make use of a mix of upper case and lower case letters, as well as numbers, and symbols. Sure, it may be a little harder to remember off the top of your head, but the benefits of strong passwords far outweigh the trouble.
- Backup your files regularly. Keeping backups of your business documents is an essential part of protecting yourself against not only a digital leak, but also a physical disruption, like a hard drive failure, or a catastrophe like a flood or a fire.
- Consider making use of an IT security firm. Many small businesses don’t have the cash flow or resources to have a dedicated IT person on staff, so it may be worth investigating the feasibility of outside help from experts. Among their ideas and suggestions may be:
- Two-factor password authentication
- Outsourcing payment processing
- Internet browser and router security
- Implementing time-out procedures into your office computers and systems
- Limiting the websites your employees can visit
And much more. If you’re already relatively familiar with the notion of cyber security, there are also some resources online that lay out the steps for an IT security audit.
- Establish the importance of these steps with your employees, and get their buy-in. In much the same way you would go about establishing a physical security protocol for your office, communicating the importance that your policies be followed is essential to the success of your digital security protocol. You need to find the balance between security steps that are appropriate for your company, but not make them so cumbersome that employees will break them because they’re inconvenient.
- Look into cyber insurance to further protect yourself. As an added layer of protection, cyber liability insurance can be included as an attachment to business insurance policies, or purchased separately.
Your local Ottawa or Eastern Ontario insurance broker can walk you through some of the types of coverage like those we offer at Oegema, Nicholson & Associates. One of these is data breach Cyber Expense Liability. This type of coverage works to reduce the risks and ultimate costs associated with a breach of your company’s data systems by ensuring that you are protected by insurance and can provide management service to assist in mitigating losses and expenses.
Speak to your broker to discuss some of the insurance options available that can safeguard your business in the event that your new policies and protocols aren’t enough to prevent a cyber security issue.