Data breaches at large corporations have been making headlines recently. The good news is that major corporations have the resources to protect themselves from electronic intruders. If your company does business with firms traded on public stock exchanges, your personal and business data probably are secure.
The bad news? Thwarted hackers and identity thieves may step up attacks on small and medium-sized businesses, as these companies often do not have strong defenses in place (making them more vulnerable to cyber breaches).
Consequently, your company’s customer data and banking information may be targets. Dealing with electronic theft can be costly and time consuming – and extremely stressful. If you suffer a data intrusion and word gets out, damage to your reputation can be severe. Small companies may even be forced out of business as a result.
Putting Protection in Place
To avoid such disasters, you need to recognize the risk and adopt a plan to secure your electronic information. It may be well worth the time and money to bring in a third party expert to review your cybersecurity and make recommendations.
Often, recommendations include a program of educating your employees about data security, with periodic sessions to inform your staff about new threats. For example, if employees need a password to access private information, they should be required to change their login credentials at regular intervals. In addition, they should probably not be allowed to use the same username and password for multiple websites.
You may want to investigate using a password manager yourself, for company-related matters, and having employees use one as well. Password managers, found online, store someone’s login credentials for various websites and allow users automatic entry. The user has just one master password to remember while different, changing passwords are submitted to provide the desired access. There are also services that can securely transfer sensitive files, if you prefer not to send them as an e-mail attachment.
Your company should also take action to protect against malware: hostile or invasive software that may be used to steal personal information and commit fraud. You can reduce your risk in this area by installing antivirus software and keeping it current. Your business also can implement policies regarding the types of websites and data that employees access while on a company network.
The U.S. Chamber of Commerce offers suggestions for establishing policies for employees’ acceptable use of electronic devices. Employers might require the following:
- Logging off or applying a screen lock to their computer before leaving it unattended even for a short break,
- Assigning employee responsibility for computer access and equipment taken off-site,
- Limiting employee and family members’ personal use of company computers,
- Limiting the use of personal machines on your company’s network, and
- Establishing employee liability when acceptable personal use has not been followed.