Beef Up Security at Your Business!
May 28, 2014
With recent scams, bugs like Heartbleed and security updates in the tech industry, security is ranking high on the list of concerns for a lot of business owners. The key to staying secure is to know where the threats to your security lie. Below are ten common security threats that small businesses face on a daily basis and how to deal- from employee practices to tech trouble.
10 Ways to Beef Up Security at Your Business.
The Trash Can. That little five gallon bucket next to your desk doesn’t look intimidating, but you would be surprised how threatening it can be. All over the world, people throw away private information every day. That’s why identity theft is such a common problem. Inform your staff not to write down vital customer information like full contact information, passwords, and credit card info—or if they encounter a situation where it’s necessary—not to simply crumple it up and toss it in the trash can afterwards. This information should be shredded or dealt with by other safe means.
Careful Disclosure. Your customers will want information. We’re in an age empowered by the sharing of information. Customers will take all the details they can get about your business practices. Some might even have the audacity to ask how long that check is going to be lying around in your cash drawer before you deposit it. But be careful about what you’re saying back. Phishing scams are not just online. Telling that customer that you make nightly check deposits could lead to an unfortunate event. If you get a phone call with a customer who “Lost your boss’s personal cell phone number when their phone crashed,” that customer might not have honest intentions. Ask if you can take their contact information and have your boss get in touch personally. When in doubt, report the question further up the chain before handing over potentially sensitive information.
Mobile Security. It seems like everyone, even your three year old niece or nephew, has a mobile device these days. But is it secure? Do you have an anti-virus system on your smart phone or tablet? If you’re accessing financial information, business applications or even your email from a mobile device, make sure it’s secured. Further, make sure that the device itself is password or lock protected. If it gets into the wrong hands even for a few minutes, unsecured mobile technology can wreak havoc on your business. You may even consider restricting the use of business apps to mobile devices owned and kept up to date by the business itself.
Property Theft. Keep it locked down. End of story. Your building, including all entrances and exits should be locked down when you aren’t open for business. Only staff members who are coming in early or leaving past business hours should have access to keys or security codes to enter and leave the building. Have a locked room where you keep a safe and do all of your money counting and store copies of any sensitive information (preferably in locked filing cabinets).You should have a reliable security system in place too. Just because you’re a small business, it doesn’t mean you’re safe from theft, property damage or other criminal acts. Actually, in many cases this makes you a prime target because an efficient team of burglars can clear out a small business much more quickly and quietly than a larger one.
Software. Back it up. You probably do some or most of your computing on the cloud. Assess the security protocols that these services use to backup, store, and transmit your information before committing to a purchase. Odds are, they won’t give you specifics (because that would put their other customers at risk) but they should be able to give you information about the frequency of backups and the protocol you must follow to get a copy or have that information restored. Further, keep electronic duplicates or hard copies of the types of information your business uses on a daily basis. You never know when an electronic service could experience an outage. After all, cloud computing is just a fancy way of saying that your information is stored on someone else's secured servers in another location. If those servers experience temporary outages for updates or other events, odds are that your service will too. It’s always good to have a backup plan to access your most vital information, such as contacts.
Contingency Planning. Too many businesses either operate without a backup plan or do not evaluate their backup plans frequently enough for them to stay relevant. Risk management is all about having multiple planned routes to accomplish the same goal. If one fails, pull another one out of your arsenal. Contingency planning can save your business in more ways than one.
Insure It. Even if it seems expensive, make sure your business is covered. Whether it’s your physical facility, employees, customers, ideas or equipment—spend some cash to keep it protected. No one ever plans on being in a position where an insurance claim or intellectual property lawsuit is necessary, but when it is—you will pat yourself on the back. Your business could take a critical hit without it.
Run Background Checks. You should always know as much as possible about who’s working for you. Get official background checks on anyone touching the books or with access to high level business information that can be used against you. Double check academic backgrounds and previous employment history. It may seem paranoid and it’s definitely a bit expensive, but nowhere near as expensive as improper business practices or stolen information can be. As for your run-of-the-mill employees—you can afford to take a few minutes to Google them or call up their past employers. If they’ve caused trouble before, odds are that someone is more than willing to throw a red flag your way.
Protect Your Passwords. We cannot stress this one enough. Do not use the same password for all of your logins. If you’re one of those people that thinks “MyCaTiSaWeSoMe1234!” is a good password for all of your accounts, you’re in trouble. Sure, that’s kind of a hard one to guess, but that means that if one accounts is compromised, all of your accounts are compromised. Because so many people use just one password, you can bet that the person trying to steal your information is going to try it everywhere. If you're not one to clear your browser history often, a simple glance at your internet history can provide them with all of your most frequented online accounts. Further, do not share login information to an account that holds sensitive information. For every person you tell, the odds of that information finding its way into the wrong hands increases exponentially.
Secure your Internet Connection. Do not use the same password protected wi-fi for your business transactions as you do your customer access. If you are handing out the password to anyone who walks in the building to do business, it’s not secured. Plus, that many people navigating through one access point sure bogs down the speed of the connection.
These ten simple ways to beef up your security can be real life savers when you get down to business. They aren't meant to scare you and you should definitely be able to trust the people you hire. (Otherwise, why would you hire them?) But it never hurts to err on the side of caution. Not everyone in business has the same level of dedication and honesty as you do.