Do you remember some of the biggest security breaches of the last five years? I certainly do. It’s hard to forget last year’s Equifax breach where 209,000 consumer records including credit card data were exposed. There was also the JP Morgan Chase scandal of 2014 when the data of 76 million consumers and 7 million small businesses was compromised. But nothing beats the three billion user accounts that were exposed in the Yahoo security breach of 2013.
What lesson should we learn from this? I hope it’s that privacy protection is not underrated, nor should it be taken lightly. You might have made the mistake of thinking that your small business is safe from such attacks. I once thought the same thing-that is, until I did my homework. It turns out that privacy breaches are a bigger concern in small businesses than they are in large firms. The Verizon Data Breach Investigation Report of 2017 says that 61 percent of breaches that year had targeted small businesses, and increase of eight percent from the year previous. If you’re not taking privacy in your small business seriously, you should make a few changes today.
- Use a VPN
A virtual private network (VPN) is your key to enhanced privacy. It uses encryption technologies including transport layer security (TLS), layer 2 tunneling protocol (L2TP), secure sockets layer (SSL), and IP security (IPS). Together, these technologies create a “tunnel” of sorts between your device and a private server.
This kind of security is unparalleled for protecting your privacy and that of your customers. It not only allows you to connect to the server without saying who you are or where you’re located, but it also encrypts your data so hackers aren’t privy. If I were you, I’d research top VPN providers and sign up for enhanced privacy sooner rather than later.
- Educate Your Employees
Based on a report from the Ponemon Institute looking at data breaches in small and medium-sized businesses in North America and the United Kingdom, employees are actually the number one cause of data breaches.
Most breaches occur as the result of negligence. Employees use weak passwords, fail to change them frequently, or stay logged into accounts on public computers. They might also carelessly mention information to unauthorized parties or send emails to the wrong recipients.
Hold frequent trainings to stress the importance of privacy best practices. Discuss topics like changing passwords regularly, customer confidentiality, and careful computer usage. These short, frequent trainings could prevent a debilitating data breach.
- Back Up Your Important Data
At the end of the day, I always back up important information, either to the cloud or to an off-site storage solution. (When using the cloud, always us a VPN to prevent “man in the middle” attacks.) Few small businesses use data centers for back up, but a simple external hard drive will do if you don’t trust the cloud.
Not only is this a good practice for preventing significant data loss, but it’s also the key to combatting ransomware or malware. It prevents your data from being held ransom by hackers for financial demands.
- Encrypt Sensitive Emails
While your VPN will encrypt data between your device and the server, that protection ends once the information leaves your server. This means that when you send emails, they can be hacked when in the recipient’s email server.
Email encryption is another layer of protection that will keep your privacy safe. Although advanced email encryption services exist, you don’t have to purchase an expensive, all-inclusive package to accomplish your goals. There are more affordable, easier options for encrypting your email that integrate with free email providers like Gmail, perfect for small businesses on a budget.
- Update Software and Systems
Software developers don’t wait until their systems are perfect before releasing them to the public-they would never make a profit that way. Instead, they release patches and updates that fix security concerns and glitches.
When your software says it’s time to update, don’t ignore it. These patches will reduce security breach risks and installing them regularly will minimize your likelihood of an attack.
I make it a habit of running updates on my systems weekly. You never know when a vital security patch will be released that will prevent a successful hacking attempt.
- Have a Security Plan
It’s important to proactively work to secure your systems, but it’s naïve to believe you’ll never experience a breach. About 60 percent of small businesses report being attacked, whether the attempt was successful or not. You may not be able to prevent every attack, but you can have a plan just in case.
It should outline the best practices for preventing attacks, detailing rules like proper email security and safe web surfing practices. It should also underscore steps that will mitigate security risks. Prepare employees as best as you can by incorporating this security plan in your regular training meetings.
- Learn from Your Mistakes
I know I’ve made a few mistakes regarding privacy, and you probably will too. It’s not about what you do wrong but about what you do afterwards. Learn from past mistakes, identifying potential security concerns in the future and avoiding errors that could be detrimental to your privacy.
Keep in mind that technology is constantly evolving. Hackers adopt new methods all the time, so you’ll constantly learn lessons about better protecting your privacy with the latest technology.
Privacy for your business should be a constant focus. Security concerns evolve daily, and your mitigation plan must adapt with it. If your small business is anything like mine, you can’t afford the consequences of a security breach, so a vigilant and strict focus on privacy concerns is vital to your success.