While the internet has provided businesses with unprecedented access to both the local and global market, it has also exposed them to data thefts, online scams and many other cyber crimes.
Unfortunately, most small businesses in Canada do not have adequate information security in place, either because oversight or because they overestimate the cost of security. Not surprisingly, statistics show that small businesses are especially risk because they are easy targets.
As a small business owner, a bit of knowledge and some preventative measures are the best way to protect you and your business from information theft and its consequences.
Information Theft Can Be Common
Studies reveal that information breaches are common, and can be catastrophic. Small businesses that experience data thefts may suffer debilitating financial losses or even go bankrupt. According to the Canadian Anti-Fraud Centre, there were 139,771 complaints of mass marketing frauds between 2009 and 2011 – 43,691 of which were actual victims. Together, victims lost $184,044,451.51 to fraudsters and scammers, including the money lost by individuals who were scammed.
Criminals Are Organized and Sophisticated
Criminals employ many different methods to steal your data, often operating in highly organized and sophisticated ways. Sometimes they use electronic listening devices to eavesdrop on your internet and communications network. However, they most often use e-mails, malware and phishing software to gather sensitive information from your computer and network, usually targeting bank account, credit card and social security numbers of your employees and customers.
Not All Criminals Use High-Tech Methods
However, criminals do not always use high-tech methods. Some may break into your office to obtain confidential materials; others lure or otherwise influence your employees to divulge company secrets. Other criminals may simply be interested in damaging your information through acts of vandalism.
Negligence is Often the Culprit
Sometimes, negligent employees inadvertently hand over sensitive information to criminals via e-mail or social media. They may also accidently transmit confidential information over a public network for everyone to see. Alternatively, you or one of your employees may lose materials and devices containing confidential data at home or in public places, such as a smartphone or portable hard drive.
Information Security Is Not Costly
While many small business owners underestimate the risk of information security, others have the mistaken idea that information security is too costly. According to Industry Canada, about 3,600 small businesses file for bankruptcy every year; although the actual number of business failures may be much higher. While the consequences of information breaches can be devastating, protecting your data can be easier than you think because many methods are neither costly nor cumbersome, as outlined below.
Prevention Costs Less than the Cure
When it comes to information security, you may not be aware of a breach until it’s too late. By the time you find out, you may already have incurred large financial losses or your company’s image may have already been damaged. Recovering your lost information or mending your reputation may prove difficult, and legal fees and compensations to customers may place a heavy financial toll on your company.
Some Useful Tips to Protect Your Data
Here are some simple, effective methods to help safeguard your data from criminals, competitors, malicious employees, visitors and casual trespassers.
1. Educate your employees
Employing security measures without educating your employees is like shutting the door without locking it. Educate your employees on basic security principles and practices. Establish information security procedures and require your employees to comply with them.
2. Install anti-malware software
The easiest way for cyber criminals to steal your data or cause damages to your information system is by using malware (malicious software). Install good, reliable anti-malware software and a firewall on every computer connected to your office network. Some of the topnotch anti-malware applications that you can use are Bitdefender Antivirus Plus, Kaspersky Antivirus and Norton Antivirus.
3. Encrypt sensitive data
The proliferation of mobile technology (including laptops, iPads, tablets and cell phones) has drastically increased the likelihood of sensitive information falling into the wrong hands. The only way to safeguard important data is to encrypt them. Good quality encryption software may require an initial investment, but when you or an employee actually lose a device you find that it’s more than worth what you paid for it.
4. Use SSL only for sensitive data
When receiving or sending sensitive information such as credit card numbers or other financial data over the internet, use secure socket layer (SSL) or a similar technology only. SSL provides complete protection from the information being intercepted by cybercriminals.
5. Make backup copies of sensitive data
You or one of your employees may accidently delete important files, or damage storage media or other devices. Fire and other natural or manmade calamities may also damage your office and information infrastructures. Make several backup copies of sensitive data, financial transactions and all other important files. Encrypt them and store them in safe locations, including in a secure location in the cloud.
6. Safely destroy discarded documents
Paper documents that you no longer need may supply a treasure-trove of information for criminals and opportunists. There are strict federal and provincial laws in Canada that you must comply with when destroying documents containing sensitive information.
According to study by Shred-It, approximately 28% of small businesses in Canada are not aware of legal compliances and legislations that apply to the security of their business. Surprisingly, over half (56%) of small businesses do not have a secure method of document disposal. Check with your paper shredding service provider to see if they meet all the regulations.