Large corporations aren’t the only targets for data theft. Because small businesses often aren’t as vigilant as they need to be, hackers know smaller companies can make promising targets also. Here are a few steps that business owners can take to prevent data breaches, suggested by Journal of Accountancy.
- Don’t be lulled into complacency. Everyone thinks it won’t happen to them. But fraudsters target weak spots, and many small businesses have several of them.
- Install IT controls. Robust, properly-configured firewalls, anti-virus software, and up-to-date software patches should be maintained on all systems and workstations. In addition, employees shouldn’t have access to anything they don’t need.
- Provide training. Employees may not understand what an unsafe website looks like or how to recognize a phishing email. Training employees on a regular basis to watch out for current issues will go a long way toward protecting your systems.
- Use strong passwords. Weak passwords are the easiest way for hackers to get in. Even one employee using “Password1” or “Password123” (or anything commonly-used) can potentially open up your entire network to thieves.
- Monitor your vendors. If vendors have access to company data, they must have strong security in place as well. The infamous Target hack in 2013 was the result of hackers breaching the system of Target’s HVAC vendor, giving the hackers clear access to Target’s network.
- Test periodically. Systems should be tested at least once yearly to identify vulnerabilities.
- Include security on mobile devices. Smartphones are computers — if they have access to company data, they need to be protected just as a desk workstation or laptop would be.
A data breach is an expensive and stressful event — one that also damages trust between a company and its customers. No matter how low the chances of your particular business being hacked, it’s better not to take the risk.