As a business owner, there is a general feeling that you could be doing a better job to safeguard your data against potential security breaches. Online threat has never been as bad, and everyone is getting it.
In 2013, hackers got into Target’s system and made away with 40 million credit card numbers and pin numbers from encrypted customer security debit cards. It had become so common that it prompted ZDNet to come up with a list of that year’s data breaches, and these weren’t small-time – not at all. The victims included big names, nay – the biggest names – in government, media and technology: the U.S. Federal Reserve was on the list, the Wall Street Journal was on the list, the New York Times wasn’t spared either, and neither were big boys Apple, Facebook, Twitter, LinkedIn and Adobe.
That was just the start. Even the White House and security companies themselves aren’t being spared either. These are not what you would call small companies, like yours and mine. These are the largest and most well-known government organizations and companies in the world. So, what in the world would make you safer than corporations with financial firepower and expertise at their disposal?
You guessed it – we are more vulnerable. And for good reason.
To begin with, most small and medium-sized businesses today are accepting credit card and social security numbers than ever before. We are now accepting online and mobile payments in a bid to offer more options which translate to more sales; sales that wouldn’t have been possible before. The number of checks we are sending out and receiving has reduced drastically as we move operations virtual.
And yes, we oversee storage of this very sensitive information which we are storing on-premise or on hosted servers that just need a password to gain access to. In short, our security is terrible. And the cloud ecommerce services we rely on (as demonstrated by our choice of payment methods) aren’t much either.
Have you ever asked yourself what would happen if your customers’ info was stolen? Here’s what…
Those customers will desist from doing business with us. Some may share with others or let the world know by sharing their problems with the media. Others, well others might just decide to see us in court! Our reputations would be on the line; our credibility challenged. We would be embarrassed and customers may find it hard to trust us again. Throw in the potential ginormous liabilities and it makes for a nauseating prospect.
No one would definitely like to find themselves in such a position. Whom would you blame? Just you.
To Each His Own
So, what do you do to safeguard you and your business against this? Fortunately, there are affordable ways such as the following:
- Every now and then, make sure to run background checks on each and every one of your staff handling customer data.
- Ensure your customer data is housed in an encrypted database.
- Have your databases that store customer information secured by multi-level passwords – and change these passwords on a frequent basis.
- Ensure your disaster recovery plan has a provision for you know – when it hits the fan (and you do have a disaster recovery plan, right?)
- Update your T&Cs to absolve you of any blame should a data breach occur and you find yourself in a stolen data incident. This can’t stop anyone from slapping you with a lawsuit, which you could lose or suffer reputation and credibility issues at the very least.
- Review and enforce standard network security health check controls.
- Employ a decent spyware removal tool such as Spyhunter or Malwarebytes. Spyware is known to aid in potential data theft.
By the way, small business like you and I have been identified as thriving entry points for hackers, particularly if you happen to do business with big companies. That’s how Target and Home Depot got compromised. In case they get you, at least you tried.