Small Business Owners: Perform a Security Audit Before Disaster Strikes

News Ripped from Today’s Headlines

Updated 07-10-2015  Washington, DC.  Wire services reported today that up to 22 Million Federal Government Employees have reportedly had their personnel, credit, and security clearance background records accessed by an, as yet, unknown entity.  How this breach will impact these employees has yet to be recognized.  Nor has the Government identified the specific information that was compromised, or what use might be able to be made of the information.  Suppositions are rampant.

As of May 6, 2015, 282 total data breaches were recorded with 101,729,906 records exposed, according to the Identity Theft Resource Center. When the South Carolina Department of Revenue was hacked, 3.6 million social security numbers were compromised with a total loss of $5.2 billion dollars.

Meanwhile, Javelin Strategy and Research reported $16 billion was stolen from 12.7 million identity theft and fraud victims in 2014. Small business owners are wise to be concerned about the rise of data breaches and how this affects their customers’ trust and bottom line. To find out if your company is vulnerable to threat, conduct a security audit and prevent data breaches before they strike.

Consider your assets

Make a thorough list of your security assets from computers, networks and employee smartphones and mobile devices. Don’t forget to include servers and files and figure out how accessible they are to both employees and the public. Next, draft up a list of intangible assets like a log of employee schedule and activities, employee access cards and data. Study your assets carefully to figure out how each asset could potentially be threatened whether through water damage or a potential data breach. The more you understand your assets and how they could be compromised, the safer your company is from preventing potential risks.

Check for viruses

Viruses like email-worms can spread like wildfire through email attachments, web links and peer-to-peer file sharing networks. Such viruses can destroy your computer systems, compromise security and affect your customers. Your customers may be especially vulnerable to Trojan viruses that can maliciously copy and modify secure data, exposing your business to a serious data breach. Ensure your assets and data are protected by updating your antivirus software and practices.

Enforce policies

Implement a password and account policy to help stop data breaches in their track. Email passwords should meet specific complexity requirements like using a special character and capital letter. Enforce a minimum password length and use account lockouts for repeated incorrect login attempts. You can also require employees to regularly change their own passwords and use a multi-level security system and checkpoints to access restricted areas like server rooms.

Keep your files safe

Keeping your files and data safe goes beyond email lockout protocols and examining IT vulnerabilities. Store your client files in the cloud and away from vulnerabilities in your own servers and set-up. IT security support can be costly, but a data breach and crash is even worse. Small businesses can especially benefit from online cloud storage that’s designed specifically to protect businesses.  A third party storage system can protect your files and other assets for you and regularly update your account with the latest security features.

Scan for weaknesses

Expose weaknesses in your security systems by trying to hack into it yourself. Some apps can test to see if users are using strong enough passwords and can attempt to crack the code. If you can figure out how to get into your customer’s accounts from a public facing login, then hackers can easily do it as well. In addition to using strong security procedures and policies, install a firewall to give your systems an added layer of protection against data breaches.

 

This guest post includes hyperlinks to services  which are mentioned for the benefit of the reader.  These services may be free or may have a cost associated with them.  This notice is posted to comply with FTC Rulings and Guidelines regarding potential compensation.

Comments are closed.