As a small business owner, you know that your business and client information is valuable to your company. What you might not realize is that your business information might be valuable to someone else. If your company doesn’t do a lot of business on the internet, you might also believe that your low internet profile will protect you from people trying to steal your information.
The reality is that if you’re on the internet, you are vulnerable. This is true for individuals on their home machines, and for business owners storing and sharing information on the company server. If you have information, then it is valuable to someone, and someone is looking for it.
In a nutshell, all of your company information has value; it ultimately depends on what the intruder wants to do with that information.
For example, if the hacker’s primary goal is monetary gain, then he might go after all of your customer account and payment information; or he might go after your company’s banking and financial information. On the other hand, if he is looking to copy and steal your products, then he will be more interested in your research and development, materials, suppliers, and other information pertaining to the design and manufacture of your products. If he is simply looking to be disruptive, he might not so much as steal your information as alter it, or move it around, to disrupt your workflow.
When it comes to how you store and access information on your company machines, and company servers, you need to treat every bit of information as valuable, and protect it accordingly.
Protecting Your Electronic Valuables.
Even if your house is located in a secluded area, you are not likely to leave the door unlocked when you leave the house. Even if you leave the door unlocked, you are probably not likely to leave all of the doors and windows wide open so that anyone can get in.
The same goes for the building that houses your business. You protect the things inside the building by keeping the doors locked after hours, and only allowing certain employees to have the keys to the kingdom. You might even have an alarm system for an added measure of protection.
Protecting your electronic valuable is no different than protecting your physical valuables. The best place to start is with your employees and the equipment they use to access your company information.
Your Employees and Their Equipment
You might have employees, like sales staff, who have to access the internet from the field. You might also have employees who need to do work after hours at home, or on the road. Chances are many of these people will use their own computers, smartphones, and tablets to do it.
Unfortunately, they probably also use public Wi-Fi systems, when they are on the road, and their own home internet systems might not be that secure, which can leave their devices vulnerable to intrusion. If they have any confidential business information on those devices, then that is information also vulnerable.
Even if they avoid public Wi-Fi systems and lock down their own networks, their devices could still be at risk if their virus or internet security software is not up to date. If they are using smartphones or tablets, chances are they won’t have any security software at all. If they also use these computers and devices to connect to your business servers, that could leave your network vulnerable to viruses and other malicious software.
If you regularly rely on your people to access your company servers remotely, or access the internet from the field, one of the best things you can do is require all users to work on company-issued and company-configured machines, that way you can control what software is installed on the machine, including internet security software.
If providing company machines is not in your budget, then your next option is to require anyone who connects to your network to have virus or internet security software, and keep it up to date. This is true whether they have a PC or a Mac, because Macs are becoming more vulnerable to attacks and can no longer be considered virus proof. Companies like Sophos, Norton, and Trend Micro are making some of the best antivirus for Mac programs on the market.
You should also require them to set a password on their computer, or mobile device, and make sure the device locks if the lid is closed, or after a certain amounts of inactivity, so that if it is stolen, someone would have to get past that layer of security to access the data.
They should also avoid storing confidential data on their personal devices; and store them on a secure cloud server instead. That way, if someone gets past the lock screen password on the device, they still can’t get to the data.
If someone is using their device for work, they should avoid loading apps or software, especially games, unless they are specific to work. Mobile apps, and computer software packages, can contain malware or have settings that put the data on the device at risk.
For your part, as the business owner, you should give your employees incentives to keep their personal machines up-to-date, and to stay away from public Wi-Fis.
For example: you could reimburse them the cost of their mobile data plans, so that they can make sure have enough data to connect securely to the internet, or use their smartphones as a secure hot spot. Or, you could buy multiple licenses for an internet security package, so that they can install the software onto their machines and don’t have to pay to renew the service every year. Another option is to invest in a secure cloud storage option, so that your employees can access company information without storing it on their machines.
All of those options can be much more budget friendly than buying or leasing equipment for all of your employees, and will ensure that they adopt the necessary security measures to protect your company information.