In today’s day and age, there are many ways businesses take and face risks. Some businesses are in industries where they take risks just in the fact that they are open for business. That can be a roofing company who has employees who climb on top of a house on a daily basis. Other businesses face risks in hiring and firing employees, generating enough revenue to stay afloat and most importantly the risk of becoming victim to a data breach. Most business owners do not think twice about purchasing commercial property insurance, but many still hesitate to secure data breach insurance. This is a mistake because it does not matter the size nor the scope of your business, every business is a target of hackers and every business is at risk for a data breach.
Two of the largest data breaches in history were Target and Home Depot. Both of those breaches were accessed by first hacking in to a smaller company first. In the case of target the company was Fazio Mechanical Services and in the case of Home Depot the company provided credit and debit card processing. These companies had been hacked weeks if not months prior to accessing the system of the larger company. If your business works for any larger business than you could be at risk of being a target for hackers. If you choose to protect your business with data breach insurance this may not be as damaging. Even if your business does not partner with larger companies you could still be a target for hackers just to get the information of your customers. This is a costly risk that you are taking without properly insuring your business and without taking precautions to protect your business. According to the Ponemon Institute it costs a business on average $174 per record. Other studies show it costing more. Taking these numbers in to consideration it would cost your business more than $17,000 for just 100 records being compromised. if that were 1,000 records it would cost $174,000. If that is not a cost your business can withstand than you need to have Data Breach Insurance Coverage and on top of that you need to be taking the proper steps to preventing this from happening. Here are four simple things your business can do to prevent a data breach.
Train your employees
The prevention of data breaches starts with your new hire training. If an employee is going to be using a computer they need to be trained on how to protect the company from being at risk. Do not assume employees know how to do this. Many employees may be very capable of doing a job for your business that is necessary. This does not mean they are computer savy and are properly trained to protect your business from intruders. Take the time and effort on the front end to properly prepare your employees to defend your business against hackers and it will provide dividends on the back end.
Help each employee protect their work space
Logging out and locking up your desk when away and over night are crucial. Even if the employee is just stepping away to the restroom it is crucial to lock up their devices. In most business environments, there are customers, vendors and other employees who may gain access to your computer while you are away. You do not have to create a culture of mistrust to do this. On top of locking down your devices it is also important to not write down passwords on a post it note or some other piece of paper. It may be rare, but if these passwords fall in to the wrong hands it can cost your business immensely.
Require long passwords
Passwords need to have certain requirements to be allowed. The best way to make this easier for your employees is to give them examples of what you want. here are a few examples of how someone can make a password strong and still make them rather easy to remember.
This would be an example of a password that is extremely secure.
This would be an example of a password that is a little less secure, but easier to remember.
JoeSmith or password
These are examples of terrible passwords that should not be allowed.
I like using something similar to the middle password because I can change the word Baseball with the time of the year. In the Fall I might use Football or Autumn, in the Winter I might use basketball or Thanksgiving. This allows me to change the password frequently but not having to remember an entirely new password. There should also be a time period for how frequently a password must be changed. Every 90 days is a good rule of thumb, but many businesses have different requirements based on the needs of their organizations.
In today’s day and age, there is no reason any personal information should ever be disposed of without first being shred. There are outside businesses that can dispose of the shredded material. Some of these businesses will even recycle this paper, which is something you can share with your employees, customers and vendor partners. If any of these groups are environmentally conscious this can be a bonus to them and will add to your credibility as a business.