Last week, a massive data breach from Marriott hit the news – another in the long stream of breaches we are becoming accustomed to hearing about. The breach began in 2014 and went undetected until this September! As many as 500 million clients’ data was stolen, including personal information like names, addresses, email addresses, phone number, passports, and credit cards.
Data breaches are so commonplace that the term “breach fatigue” has been coined. Consumers are becoming desensitized to news of security lapses because they hear about them so frequently. Such incidents are treated apathetically – especially if they believe there’s nothing they can do to prevent future breaches. But there are steps that can be taken to protect yourself and more importantly, your business.
Small and Medium Businesses and Cybersecurity
It’s true that only massive security breaches involving large corporations hit the headlines, but small to medium businesses are just as vulnerable to cyberattacks as larger companies. One report by Verizon states that 61% of data breach victims are small businesses.
This is because small businesses fall into hackers’ cybersecurity sweet spot. They have more digital assets to target than an individual consumer, but less security than a large enterprise. Also, hackers know that smaller companies tend to be less careful and underestimate their risk level. This complacent attitude can cause a lack of concern and therefore investment in cybersecurity protection. Since security breaches can be devastating to a small business, they are more likely to pay a ransom to get their data back. Payday for the hacker!
Think of a winter blizzard (I know, it’s not pleasant to even think about, but stay with me…) It’s freezing outside, ice pellets sting your face as you pull your coat tight to shield your body from the extreme cold. You would never consider going out in this weather without dressing properly. You would put on many layers of protection, from the hat on your head, your scarf and warm coat, to your thick, wooly winter boots. Similarly, to protect ourselves from the storm of Cybersecurity threats out there, you need many protective layers. Just one or two barriers is not sufficient to safeguard your valuable data. The following suggestions work together to provide multiple safeguards:
A good Antivirus will defend against most types of malware.
Firewalls, which can be implemented with hardware and software, provide additional layers of protection by preventing unauthorized users from accessing a computer or network.
Data backup ensures that if any information is compromised or lost during a breach, it can easily be recovered from an alternate location. This protects the business owner when dealing with a ransomware attack. Having access to your data means you won’t need to pay an expensive ransom price to keep your business running.
Encryption software protects sensitive data in case a laptop or thumb drive is lost or stolen.
Two-factor or multi-factor authentication confirms a user’s claimed identity by requiring not just the username and password but also a code that only a specific user has access to. This code can be sent to their cell phone or generated by a hardware token.
Password Manager software improves password habits by producing strong, unique passwords for each login.
Keep your software up to date. Updates fix security-related problems that make the system vulnerable to attacks and otherwise deal with errors, helping your computer run better.
Understandably, it can be overwhelming to consider all the options. Each business’ needs are unique so there’s no one-size-fits-all security solution. As a starting point, allCare IT recommends running a risk assessment which will pinpoint any security weaknesses. We can then make recommendations on how to fortify these weaknesses.
It is important not to become complacent and allow your business and your clients to continue at risk to security breaches. The fallout of a breach is not only embarrassing to a business – as you have seen from the bad press companies like Marriott receive – but it can be financially devastating to your business.
Let’s work together to ensure your business is layered up with protection from the ever increasing cybersecurity threats!