Recent high-profile data breaches, including those involving Anthem and Target, are cause for concern. Virtually every company, regardless of its size, is exposed to the potential dangers. The loss or theft of private information not only is expensive but also might harm business relationships and cause legal complications. In the worst case, the business could even go under.
Why put your company’s reputation at stake and risk a financial catastrophe? Be proactive about preventing data breaches. Start by implementing procedures that should trigger a fast response in the event a breach occurs. Here are seven possibilities.
1. Take an inventory of the private information on file, and retain only what is necessary. As part of this process, you should shred old files, destroy old hard drives, and wipe portable devices and remove memory cards before you discard them. Limit access to employee and client records to a “need-to-know basis.”
2. Protect the integrity of the system. Typically, this means installing and updating computer firewalls as well as antivirus and antispyware programs. Even a basic software package can be helpful, while encryption programs are becoming more affordable.
3. Run background checks on employees. In many cases, a significant number of employees will have access to restricted information, so be thorough. Do not allow exceptions for longtime employees who have been loyal to the company—this applies to everyone.
4. Review agreements with outside sources. For instance, if your company shares data with a third party, such as a payroll processing firm or some other vendor or supplier, any contract should stipulate that the third party is responsible for costs when information is breached while it is under their control.
5. Use professional security services. For even greater security, be proactive in this area. A security consultant can help you decide what level of protection you need and will remain “on call” at all times.
6. Consider extra insurance. Because data is so critical to small businesses today, you might add data breach insurance to your basic property and casualty insurance coverage. The coverage pays for responders, in addition to providing other services such as identity fraud case management for clients. Simply contact your insurance carrier to start the ball rolling.
7. Stay calm if a breach occurs. Take a deep breath, and then act swiftly and decisively. Analyze what level of information has been exposed, comply with state reporting laws and determine the best course of action for a response. Your business advisers may provide valuable guidance.
Do not think that your company is immune from technological dangers. By planning ahead—and adopting some, if not all, of these seven basic security measures—you should be able to reduce your exposure and limit the potential for devastating losses. Coordinate these activities with the experts in the field.
Return to top