Though you hear more about the data breaches at large corporations, it’s actually small businesses that have the greatest risk for a cyberattack. In fact, about 44 percent of small business owners reported a cyberattack in 2013, which cost an average of nearly $9,000 per business. And the businesses that fell within that average (or below) were the lucky ones; over half of all small businesses that experienced a breach were forced to permanently shut down within six months of the incident.
So, what is your business doing wrong that could potentially lead to a future data breach?
Neglecting software updates: Regular software updates and patches help to fill in security gaps and improve usability. If they do not run automatically, make sure your employees are installing them as necessary.
Weak passwords: Using “password” or “1234” as a password is basically asking to be hacked. Instead, try to choose a password that would be difficult to crack—using letters, numbers and symbols—but easy to remember.
No authorized access: In most cases, not every employee needs access to every file, particularly sensitive/proprietary data that could be harmful to the company if leaked. If you allow all employees to access all files, you greatly increase the risk of a data breach. It’s important to remember that insider misuse is often the source of a breach. Your most important data should be encrypted and only authorized employees should be allowed to access it.
Allowing personal devices: If your business allows employees to use their personal devices—computers, laptops, tablets or smartphones—for work purposes, it could be a large source of digital insecurity. This is because it’s nearly impossible (and unethical) to regulate what people do with their personal devices. When possible, employees should be provided with business-owned devices if they must do work on the go. Or, if they must use personal devices, require that they use encryption software to transmit business data and connect only to secure WiFi networks.
Lack of a security officer: Because digital security is so important, every business should consider hiring a security officer. No, not someone with a uniform and badge. Rather, the security officer should be responsible for implementing and overseeing data security measures and privacy policies.
Is your business protected against the risk of a cyberattack? Contact our agency to learn about how how cyber liability insurance can be beneficial.
Protect your business with the right coverage. Call First Insurance Group at (800) 511-2892 for more information on Somerset business insurance.