Data Security for Small Business 


Contact Us Today!

According to a recent study, 90% of businesses reported security breaches in the past year (see link below). Data security is a concern that all businesses face, not just large corporations. The cost of a breach can be massive in both financial terms as well as in its effect on reputation. Regaining customer trust is difficult and does not happen quickly.

Proactive Versus Reactive Security:
Security is really only effective if it is in place and operational before it’s needed. Implementing security measures after a breach has already occurred is both irresponsible and unprofessional. If it’s found that you had unsatisfactory security measures in place prior to the breach, your customers may decide to sue if their data is at risk (personal information, credit cards).

With a proactive security system you will be a step ahead of any malicious attacks. Even if your system is not perfect, it will likely deter attackers as they pursue easier targets.

Assess Risk:
Security is a very complex issue and many would find at least parts of it very difficult to grasp. Accepting a lack of infinite resources and occasionally, conflicting goals, business owners need to establish priorities. This is accomplished by accessing risk. Certain risks are relatively low in probability. For example, the chance of your business’s data center being attacked by aliens is probably a relatively low concern, but the chance of having a device with sensitive data on it lost or stolen is significantly higher. The following is a risk assessment table that can be used to calculate risks and make priorities:


High Consequences (3)

Moderate Consequences (2)

Low Consequences (1)

High Likelihood (3)

Threat - 9

Threat - 6

Threat - 3

Moderate Likelihood (2)

Threat - 6

Threat - 4

Threat - 2

Low Likelihood(1)

Threat - 3

Threat - 2

Threat - 1

Once the top risks are identified it is prudent to move quickly to implement safeguards and protocols regarding them.  Moderate and lower threats can be addressed following this as soon as time allows. 
Security risks should be assessed ongoing on a regular basis and not just at the start of a business or when you move locations. At a minimum they should be done once a year as part of your annual business planning process.

You’re as Strong as Your Weakest Point:

Your most sensitive data might be locked away behind many firewalls, and locked in the back room. That is very good, however anyone looking to exploit malicious code will almost certainly not try to breach your secure server, or encrypted data directly. That is extremely risky, and has a much lower chance of success versus an easier target. Think of what has access to the data on your secure server. Do your employee’s laptops have access? How about the point of sales devices you may be using to enter credit card data? When you're logging in are you doing so in an environment that isn’t secure such as a home computer, vulnerable wireless network, or not using a VPN? The best malicious software is extremely hard to detect, it’s also able to move from machine to machine once it’s infiltrated a network.

What Can I Do?
The best way to remain secure is to become proactive and diligent in regards to your business’s data security.

  • Always use secure measures such as a VPN when connecting to your business’s network.
  • Have safeguards in place to remotely wipe the sensitive data of any device that could be lost or stolen.
  • Use a secure wireless encryption method on your business’s network, like WPA2 Enterprise.
  • Give employees access only to information they need.

Perhaps the most important thing is to treat the data security as a top priority, and to devote the appropriate resources to it. Proactively protecting your data is much more effective (and cheaper) in the long run, than cleaning up the fallout of a breach.

Article: Perceptions about Network Security:

Read More Articles

Contact Us Toady!







Twitter Facebook