Big businesses and corporations are not the only ones who have to worry about data security risks. Small business can and do make great targets for criminals and those who want to take advantage of data weaknesses that exist. However, there are number of things small businesses can do, even with little or no cost, to protect their operations:
Mapping
A business should take the time to identify all the materials, electronic or paper, that represent a risk should the material get destroyed, lost or stolen. This includes customer files as well as operating papers and documents. It also includes identifying where the information is stored and how. Once the business is mapped then risk mitigation can begin.
Separation
All risk data should be separated from each other. The worse thing a business can do is keep all of its sensitive material in the same place or under the same security procedure. Segregation and different security methods make it much harder to get all the information and protects a business better.
Encrypt
Where information can be kept electronically and encrypted, doing so is strongly recommended. Even if data files are lost, if they can’t be opened or used, security is still on-going.
Secure Your Transmission
Data can also be lost in transmission or transfer. By using secure electronic channels such as secure sockets layer connections or SSL this risk can be significantly reduced. A business should never send sensitive data over an Internet channel that is public or open to anyone to access.
Know Your Employees
It’s not enough to secure paper and computers. Employees who work for a business need to be vetted as well. While you won’t likely be performing an MI6 security screening of a candidate, a business can easily find out quite about an applicant from prior employees, the Internet, and references as well as the police. These are all public records or information provided by the applicant himself. So it should be reviewed instead of ignored.
Privacy Rulebook
A smart business makes sure protocols are already in place on how to maintain and keep the company’s privacy secure. Every employee should understand those guidelines and his role in keep the company safe. For example, employees should check their personal email on their own private computer or at home. This avoids introducing unknown files to a business’ network.
Put Up a Fence
Since most decent business networks and Internet setups now involve broadband, it only makes sense for a small business to have a firewall and anti-virus system in place. This cuts down on 95% of the electronic risk that exists, floating around on the Internet and looking for an easy victim to mess with. Managers should also make sure the protection definitions are kept up to date as well. The software is only as good as its last set of virus definitions.
Use Locks
Where sensitive paper and forms are kept in folders, they should be stored in cabinets that lock, and those locks should be used regularly. Were those documents are no longer useful, they shouldn’t just be thrown away; they needed to be cross-shredded. This makes sure no one can put them back together for the data on the paper.
No business can completely fend off every data security risk that may occur, but by just following the above steps regularly a good portion of problems can be avoided easily. The majority of data security losses occur due to simple mistakes or lack of controls. By making it harder to penetrate a company’s data, many simple hackers and intentional characters will simply go to an easier target.
About the Author: Andrew Morrell has worked in the confidential waste disposal industry for several years and believes in the importance of business security and managing paperwork. He currently works for RussellRichardson.co.uk.