There’s no doubt that the Digital Age has provided small businesses with a wealth of benefits, such as expanding customer bases through online shopping. However, these upsides come with the considerable responsibility of cyber security awareness and properly managing and protecting data. In a 2016 survey conducted by the Connecticut Business and Industry Association, 78 percent of small business respondents worry about cyber security issues, but only 57 percent have a disaster recovery plan in place to respond to data loss due to natural or man-made disasters. There are few things more terrifying to a business owner than discovering that customer, personnel or financial data has disappeared due to theft, viruses or hardware failure, which is why it’s surprising to hear that a number of businesses aren’t fully prepared to deal with cyber-related issues. We’ve covered cyber threats on our blog before, but since October is National Cyber Security Awareness Month there’s no better time to revisit how businesses should be handling data storage, management and security.
Here are some data protection tips that can help you get started with your own management plan:
1. Select the appropriate data storage solution
The first thing you’ll need to do is catalog all of your data, including what it is (e.g. financial records, customer information, personnel records, etc.) and where it is located (e.g. personal computers, thumb drives, servers, etc.). Once you know how much data you’re dealing with, you’ll need to select a uniform method for storing and accessing it. There are several options for storing data, and they’re all relatively cost-effective for businesses. For example, you could use Cloud storage services, which not only offer a centralized place for you to securely store data and files, but also a simple way to share digital assets with co-workers or clients without sending files as email attachments. Business owners who would prefer an internal solution over paying for a third-party service can go with a network-attached storage (NAS) system. NAS systems store data on a central server that can be accessed by computers connected to it via Wi-Fi or other secure network connection. These are just a few of the options available today, giving nearly any size business the opportunity to find a system best suited to their needs and budget.
2. Establish data back-up procedures
After you have all of your data properly cataloged, stored and secured, you need to safeguard your system by regularly backing it up. There are many types of back-up procedures that you can use; for example, one simple strategy breaks down data backups into two parts – one that is a local system easily accessible from your business and one that is stored offsite. Offsite storage, whether on a physical disc or on a Cloud service, is especially important because it safeguards you from accidents or natural disasters that might damage your onsite storage system. If a flood or a fire destroys the servers in your office, you can rest (somewhat) easier knowing that your important data is safe and sound at another location.
3. Install antivirus software
A proper data security and management plan also covers the devices used to access your business data, or in other words, the computers that you and your employees use on a daily basis. However, using hard-to-guess passwords and regularly changing them isn’t enough to protect your system from outside infiltration. Bolster your digital security by installing an antivirus software solution that will provide real-time protection by continually scanning your machines for potential viruses. There are many free software options available on the market today, but with your sensitive data at stake it’s worth considering a subscription to a premium antivirus service. Small Biz Trends outlines some of the software offerings that provide standard antivirus protection in addition to features such as password and firewall management.
4. Use mobile device management software
Smartphones, tablets and other mobile devices have opened the door to more flexible work schedules and environments, but with them come increased data security risks. Mobile devices store more information than you might think, such as Wi-Fi passwords, contact info and addresses, and that info is vulnerable to unwanted access should the device be lost or stolen . If you issue corporate smartphones or other devices to your employees, you need to investigate mobile device management solutions. These tools provide the ability to locate, lock and, if worst comes to worst, remotely wipe lost devices that may contain sensitive information. PC Magazine offers a thorough overview of mobile device management solutions that can provide businesses the appropriate level of control they need over smartphones and other devices used for work-related tasks.
5. Hit refresh!
After you’ve established your plan for managing and protecting your business data protection and management, you need to regularly revisit it and make any necessary adjustments. As technology (and the cyber threats that come with it) evolves faster every day, you need to make sure your policies are up-to-date with the latest device capabilities, safety risks, and federal and state security requirements. In other words, don’t forget to hit the refresh button on your management and security plans to ensure your data remains as safe and secure as possible in the years to come.
Written by Kasey Beckendorf
Compliance Officer, Union Savings Bank