We have all heard about Target and Neiman Marcus data breach exposing their customers’ information to the black market. Both corporations have taken steps to rectify this unfortunate event by informing their customers if their data was stolen, giving one year credit monitoring subscriptions and working with banks to return any fraudulent charges.
It’s important to know that not only big corporations are at risk. Small businesses are also being targeted by Identity Thieves and Hackers. According to Javelin Strategy & Research, small business owners are being disproportionally victimized by identity thieves. In 2011, self-identified small business owners experienced a fraud rate 1.9 times higher than consumers who do not own small businesses.
So how can we avoid being at risk? Start by protecting your intellectual assets, training your staff and keeping up to date with technology.
- Use Antivirus and Antimalware protection – A virus can infect all computers in your network, destroy data and compromise your business information. Having an enterprise solution that doesn’t slow down your computer is key. We use and recommend ESET Antivirus for Business. It is also important to have another piece of software that checks and makes sure the antivirus is running and operating correctly.
- Update your computer, network, software, and phones – Computer programs, apps and operating systems are constantly improved based on customer feedback and security enhancements. When you purchase any one of them you receive automatic updates that will make your devices work well and stay protected. Make sure all your applications are to the latest version, especially Windows and Mac security updates, antivirus and antimalware protection. It is also a best practice to have a third party review your applications to make sure they are up to date.
- Protect your network – Make sure your Wireless Access Point and Internet router have strong passcode authentication, such as WPA2, and don’t share your wireless password with guests, as this will allow them to have access to your internal network. Set up guest wireless access for visitors separate from your company’s network and make sure it is also secure. It’s also good practice to have a firewall in place to prevent outside intrusions.
- Setup company technology policies and procedures – Businesses store lots of data in computers such as accounting information, customer’s contracts, operations and business procedures, and sensitive employee data. It is the company's responsibility to keep it safe and secure from third party vendors, competitors and employees. Take the time to create confidentiality and non-disclosure agreements, train your staff on safe computing, such as Computer, Network and Mobile devices security, HR security management and protection. If you have third party vendors like accountants, IT professionals, or attorneys make sure to have non-disclosure agreements with them and also make sure vendors are protecting your data as well.
- Protect your online accounts - Use different password variations in your online accounts to increase security. Some other ways to protect your passwords are using redundant account verification, tools like Google Authenticator, or simply putting a phone number or secondary recovery email on your account. These steps can make a big difference on protecting your identity.
- Back up and encrypt your data – Make sure to backup your data daily and use a provider that manages your backups and encrypts your data to be stored at a secure offsite location. Carbonite, Mozy or Stimulus Technologies offer managed offsite backup services.
Please contact us if you have any specific questions about business security for your industry or would like Stimulus Technologies to do an overview and health check of your network.