When a data breach occurs at a large firm or government agency, it winds up all over the news. If one occurred at a small business down the street, those unaffected would probably never hear about it. But a recent report released by Verizon found that nearly three-quarters of data breaches analyzed last year involved businesses with 100 employees or fewer.
"Most small-business owners simply do not believe they are at risk," says Lynn LaGram, assistant vice president of small commercial underwriting for The Hartford. "The reality is that small businesses are often more vulnerable - making them easier targets."
LaGram says part of the reason may be that small-business owners often don't have the time or resources that larger companies may have to assist them in protecting data. However, protecting data may not be as difficult as one would think.
For a business or organization that must handle sensitive customer, patient or employee information, it's important to take measures that decrease the likelihood of a breach. "A data breach can involve electronic or paper records," says LaGram. She shares eight data protection "best practices" for a business:
- Lock and secure sensitive customer, patient, member or employee information.
- Restrict employee access to sensitive information.
- Shred or otherwise securely dispose of all sensitive customer, patient, member or employee information.
- Use password protection and data encryption for sensitive files.
- Update systems and software on a regular basis.
- Use firewalls to control access to sites that could compromise your security and lock out hackers.
- Ensure that remote access to your network is secure.