Guest Contribution by James Daniels
Americans today, more than ever, are aware of how vulnerable they are online when it comes to personal information. Sophisticated and complex data breaches occur all too often, and despite the cybersecurity industry’s rapid advancement and development of new protections, hackers still find a way to break into systems and steal personal data to exploit it for gain somehow.
It’s not uncommon for small businesses to be unprepared for such attacks, as they often are running on low budgets and don’t have the resources to build extensive protected infrastructure. Small business owners may also think that they’re too small for any hackers to target them and collect a small amount of personal customer data when they could target larger companies and get more data for their efforts. However, small businesses are an easier target that can also lead to a larger company’s data breach.
For example, the 2013 Target attack that ended up compromising 40 million Target customers’ data during the Christmas shopping season was reportedly through an HVAC company – a third-party vendor that Target employed for some of their locations. The key takeaway here is that if your business has valuable information to a hacker, regardless of its size, it’s more likely than not to be targeted for cybercrime.
If you want to be responsible for your customer’s data and protect it properly, here are some ways to do it.
Don’t collect any information you don’t need
The best practice is to delete any personal information that your company doesn’t need since the more valuable data you have, the more of a target to hackers you become. When possible, swap out any necessity for valuable personal information, like social security numbers or home addresses for something simpler like a username and password. You could also consider temporarily storing customer information for applications like deliveries, but then deleting them after a specific amount of time.
Use multiple security layers
Having more than one security layer is critical for proper network security because if one level fails or is breached, there is another level—or hopefully multiple levels—of protection remaining. Layered security is one of the main benefits of cloud computing, so consider a system like that to help keep customer data safe. Moreover, enacting firewalls, antivirus software, and web and email protection will increase the amount of security protecting any important data from hacking attempts. It’s also important to have a backup in the event that personal data is compromised, corrupted, or deleted.
Update your software regularly
Having the latest security software updated on your operating system can help ensure your software is fully up to date and any vulnerabilities previously discovered are patched up. If you have the option to turn on automatic updates, it’s wise to do so. That way, your machine can stay updated without you having to think about it.
The internal error is a major factor when it comes to data breaches, even when the act isn’t malicious. Limiting employee access to important customer data is one step, but educating your employees on proper protection measures is crucial. They should know how to set strong passwords, how to identify any phishing scams or malware, and how to keep personal data out of the wrong hands.