Data breach, card compromise, sitewide leak, web hacking—today’s headlines are full of anxiety inducing words which cause concern about security and privacy. In May, one of America’s three credit reporting agencies, Equifax, experienced a data breach of epic proportions. According to CBS News, Equifax lost roughly 145 million consumers’ personal information (which included not only social security numbers, but also credit card numbers and driver’s licenses) to nefarious internet hackers. Worse yet, NPR reports that the behemoth institution experienced a possible second data breach.
With these alarming incidents, the fear of cyber-attacks is most prevalent for many consumers, who trust businesses to safely maintain their sensitive personal information. Likewise, business owners are also concerned with the monumental task of securing confidential data of their clients and employees.
In the past, conversations mostly encompassed how breaches impacted consumers, but now there is discussion of how the companies which are targeted by hackers are also feeling the repercussions of these events. A large corporation may find such data compromises a nuisance, but do not fear losing their entire fortune, as they have the funds to cover legal fees and monopolize many markets, thereby not feeling the effects of boycotts.
In contrast, mom and pop stores have more at risk. In fact, The Guardian reports that close to 75% of small businesses had a security breach in 2016. It’s estimated that 9 out of 10 security data breaches involve not large corporations, but small businesses!
The impact of these breaches can be catastrophic for startups and family-run companies, as financial costs mount from client lawsuits and funds paid to outside companies to help with the post damage control. These costs can average nearly $225 per file stolen, as well as impact later revenue as the company’s reputation is tarnished.
Internal investigations to discover where the breach occurred can be costly, and result in HR nightmares with the firing of those both knowingly and unknowingly involved in the data compromise. Once a data breach is done, it cannot be “undone”, and the permanency of this event can result in a business closing its doors forever, according to Entrepreneur Magazine.
So how does a small business owner protect themselves in a world full of uncertainties? Proactiveness. When even the United States’ gatekeepers of social security numbers fail to maintain data integrity, one can see the need to be proactive about maintaining high security standards. Often small businesses do not budget for IT expenses—the thought of a data breach just isn’t on their radar.
Given the record number of breaches over the past decade which targeted the “little guy”, ignoring fortifying one’s data is no longer a luxury—rather skimping on IT becomes a detriment to the bottom line. It’s reported that nearly 60% of small businesses hit by an online hacker go out of business in less than a year.
Allocating funds for IT, should be seen the same as other essentials to running a small business—like hiring a trusted CPA and financial advisor. Building a team to protect one’s sensitive information (clients’ social security numbers and credit card information, or even employee’s payroll data) is a must in today’s world of high cybercrime. Hackers can infiltrate a store’s POS system, employee issued cell phones, and other company computer and telephone systems. Paying for prevention is much lower than the average cost a small business pays out after a breach—losses of over $36,000 in addition to loss of trust among one’s clients and employees.
Don’t know where to start? Here are five safety suggestions for small businesses:
- Secure Communication Channels
- Update Software Regularly
- Create Formal Security Policies
- Educate Employees on Cyber Security
- Design & Practice an Incident Response Plan
As the old saying goes, an ounce of prevention is worth… Well, your entire livelihood.
For more tips on how to protect your small business data from a security breach, please visit the FTC.gov’s tips site for protecting small businesses: https://www.ftc.gov/about-ftc/bureaus-offices/bureau-consumer-protection/small-businesses
JPMerc & Co., Inc. has been delivering enterprise quality IT solutions to small and midsized businesses in the greater Boston area and beyond since 2005. Contact us and let’s discuss your company’s IT needs.