Blog

Cybersecurity Tips for Small Businesses

by Jason Oxman , Electronic Transaction Association on February 13, 2014

We’ve all seen the recent headlines about large scale data breaches at major retailers. These types of data losses can happen to small businesses as well, although they don’t always lead to national headlines. In fact, Verizon reports that approximately 40% of data breaches in 2012 occurred among companies with fewer than 100 employees. Small business owners often don’t know where to start when it comes to data security. Here are 5 proactive, strategic steps to protect your customer data.

1. Identify & Control Sensitive Data
Every company has sensitive data, including financial records, employee personal information, or consumer credit card details. Make sure you know where this information is stored, whether on computers, laptops, or servers, and confirm that adequate protection exists at each level. Once you know where this data resides, identify who has access. Never give anyone, even an IT administrator, blanket access to all data with no oversight. Keep records about who uses data as well as how and when they use it, so a trail exists if files go missing or are compromised.

2. Consider the Cloud
By storing information offsite and under a robust cloud provider agreement, companies not only limit the chance of an attack, but they have access to data backup in the event of a disaster. Whether you store information on site, or have access to the cloud, check regularly using robust commercial-grade malware detection tools to make sure no intruder has gained access to your systems.

3. Encrypt What You Have
If you do choose to keep data onsite, encrypt it. Many databases, applications, and security suites offer data encryption services. Use a secure encryption technique so that even if information is stolen, it can’t be easily compromised.

4. Think About Paper
In a digital world, many small business owners overlook the power of paper. Physical statements that contain customer information can be recovered from trashcans or recycling bins. Shred all sensitive documents once you transfer them to a digital format, and employ a secure shredding company to dispose of the remains.

5. Secure Your Network
One of the easiest ways to do business in a small office is by using a wireless network. If left unsecured, however, these networks are also easy to attack. Make sure your wireless network has a password, and use WPA2 encryption rather than WEP. Periodically review all passwords being used in the system and change those that aren’t secure.

The Electronic Transactions Association (ETA), the global trade association representing the payments technology world, has ramped up its cybersecurity and fraud programs in light of the large data breaches of major retailers, and recently announced the addition of a Data Breach Summit at TRANSACT 14, the world’s premier payments technology event. TRANSACT 14 will provide attendees with the tools to prevent future breaches and protect consumer data. TRANSACT 14 takes place April 8 – 10, 2014 at the Mandalay Bay in Las Vegas, and registration is open now at www.transact14.com.

About The Author

Oxman brings two decades of technology and policy experience to ETA, the global trade association representing more than 500 financial and technology companies in the electronic payments industry.
Both comments and pings are currently closed.

Comments are closed.