Are your data security methods enough to keep out a motivated thief? Here are 10 ways to keep your data safe from sticky fingers.
Data leaks are nothing new. Benedict Arnold shared American military secrets in 1780. The Watergate scandal forced U.S. President Richard Nixon out of office in 1974. And in 2016, The Panama Papers leak released millions of files documenting the hidden assets and tax-evasion schemes of billionaires and politicians in at least a dozen countries.
These big leaks and data breaches get big press, but small businesses are at risk just as much as a company like The Home Depot or Target—both of which experienced data breaches that put the information of over 120 million people at risk. The good news is that data security methods improve each time a threat surfaces.
Of course, most small businesses don't have the resources to protect data that a company like Target has. A determined hacker or smart virus can clearly get through some of the most sophisticated technology anyway; just ask Yahoo about one of their two recent breaches.
There is, however, a lot you can do to ensure your data security. Methods range from software solutions to physical actions to company policies. While there are no absolute guarantees, you might as well make it as difficult as possible to lose the important data you've worked so hard to collect.
10 data security methods to protect your small business
1. Lock your hard copy files
The shift toward electronic files is in motion, but there are still plenty of paper files out there. Many of those files include the sensitive personal information found on employee applications, W-2 forms, and direct deposit paperwork. Keep that paperwork in a locked file cabinet in a secure location, and limit access to it. It only takes a few minutes for wayward hands to steal an identity.
2. Lock computers and phones
If your employees have business computers or phones (or if they use their own for business), require a password to unlock and use them. It should go without saying, but "123456" is NOT an acceptable password, nor are "password," "123123," or any other common password.
3. Encrypt important data
In 2006, a Veteran's Affairs IT contractor reported a burglary at his Maryland home. Among the items stolen was a work laptop and an external hard drive, which happened to contain "unencrypted information on 26.5 million people," including active-duty military personnel and their families. While encrypted data may not have prevented that leak, it would have at least made it more difficult and time-consuming to get to.
4. Encrypt your cloud data
It's one thing to leave your personal computer unsecured, but cloud data is accessible from any computer throughout the world. There are numerous ways to encrypt your data on your own or through an encryption service. One of the easiest ways is to use an HTTPS connection for any sensitive online communications.
5. Limit access to changes
Not all data is sensitive, but it could be a nuisance if someone had the ability to change or erase that same data. Google Docs, for example, is an easy way to share a wholesale price list with your customers. Just make sure you share in "view" mode and not "edit" mode. One unhappy customer could change all your prices and give you a lot of extra work and headaches fixing them.
6. Remove access when appropriate
If an employee leaves your small business, especially under less-than-pleasant circumstances, make it a priority to delete them as a user on your accounts. While it's rare that a former employee will drain your bank account or create a PR disaster on your business Facebook page, it isn't unheard of.
7. Limit admin access
Speaking of access, one simple data security method is to limit administrative access to your information in the first place. A disgruntled employee with admin access could easily lock you out of your website, your bank account, your social media pages, and so much more. You can give editor and contributor status to several people, but save admin status for yourself and a trusted team member.
8. Passwords plus
No, a good password is not enough to keep your data safe. Two-factor identification is a must for any and all of your business accounts. Two-factor ID is the virtual version of the lock and the alarm system in your business. Someone needs both the key to get in and the code to turn off the alarm. Similarly, to access your business's Facebook page, for example, two-factor ID would require the basic login information as well as a six-digit code sent to your cell phone. Without both of those, you don't have access.
9. Secure your login information
Speaking of passwords, how many different accounts do you use the same password for? If the answer is more than one, it's time to make some changes. This is another amazingly simple data security method, yet it is far too often ignored. Set up a separate (and complicated) password for each of your business accounts, and store all those passwords in a password manager.
10. Backup and update
These two simple data security methods should go hand in hand. Always keep a backup of your data in the event your computer or phone is stolen. It's bad enough dealing with a theft; you don't want the additional stress of losing data, too.
It's not always theft that takes your data, though. Malware, viruses, and system failures can all wipe out your data, which is why software updates are essential. Updated systems have a fighting chance at keeping out security threats.
Another way to protect your small business is to make sure you have the insurance coverage you need. Check with your local Pekin Insurance agent to find out how we can help put your mind at ease.