Protecting your business data is as important as protecting your physical assets. While insurances can cover the cost of replacing building infrastructure, inventory, machinery and equipment or vehicles, business data is not so easily replaced.

What is business data?

Data is the lifeblood of your business. Think about all the databases and information you’ve invested time and effort in building over the years, including your customers’:

  • personal and business details
  • payment details and order history
  • name, phone number and address
  • relationship history with your business.

As well as business records such as your:

  • business strategies and market intelligence
  • contracts and legal documents
  • emails and attachments
  • financials
  • intellectual property
  • marketing database
  • payroll and employee data
  • product inventories
  • taxation records – past and present.

Your business data is your business.  The success of your business depends on it.

Why criminals target business data

Your data is a valuable business asset which can be monetised by cyber criminals. Criminals can sell your data wholesale to others for mailing lists, identity theft, phishing, ransomware and scams, or even to your competitors. Your business data can be worth a lot of money in the wrong hands.

How is business data lost?

Criminals can infiltrate your computer systems, via phishing or malicious software, in order to steal your business data and on sell it to other criminals or your competitors (this is known as a data breach).

Or your computer systems may also be targeted with ransomware, which encrypts your files, rendering them useless.

Damage can also be caused by your own employees, such as:

  • accidently sending confidential information to the wrong person
  • losing a phone or storage device with customer information on it.

Whether by human error or crime, the result for your information, your business, and your reputation is the same.

How much would it cost to recover your lost business data?

Studies show that a business may lose 30% of their customers following the loss of customer data. It costs up to $142 per record to replace. Losing business data could mean losing your customers, your income and your employees. It could also destroy your reputation as a trusted business.

While it may be possible to recover or rebuild your business data over time, your business may not be able to operate for long, or at all, without it.

What can you do to protect your business data?

Investing time and effort in developing a business data protection plan is the best insurance for protecting your valuable data.

A business data protection plan includes researching and investing in:

  • a firewall to block unauthorised access to your office network
  • secure backup and recovery systems and processes
  • set up solid passwords and administration processes secure storage.

It also includes regularly:

  • scanning your computer systems for threats with an up-to-date anti-virus software
  • keeping operating systems, applications and web browsers up to date.

Above all, ensuring your employees are aware of how to manage business data securely is the safest insurance for protecting your data.

Block unauthorised access to your network

Install a firewall to block unwanted access to your network. You can find out how to activate a firewall by searching on the Support pages of Microsoft’s website, opens in new window or the Support page of Apple’s website, opens in new window.

Limit the number of employees with full administrative access to your network. You can do this by checking the settings and options available on your network router.

Importantly, the success of blocking unwanted network access is dependent on setting up strong passwords.

Backup your data regularly and practice recovering it

Your business data should be backed up outside of your day to day office network. Backup data to cloud storage or an external hard drive that’s separated from your network.  A secure copy of your data ensures that if anything goes wrong, you can always get access to it.  

If you’re using external storage media, make sure you store it securely off-site. Unless you’re performing a backup, always disconnect it from your network. Give it a test run regularly to make sure you can recover your data if you ever need to.

Know where your business data is stored and the devices that can access it

Any device that connects to your office network in any way is a risk to your business data. Ensure that all your employees:

  • secure their mobile devices with a PIN or password
  • only use secure Wi-Fi to access any information related to your business
  • minimise the business information they store on their mobile devices, including emails.

Storing your data in the cloud

Cloud storage services are useful if you want to make sure that your data is backed up and accessible anywhere. But, where is The Cloud?

The cloud is simply someone else’s computer. Any time you backup or save your data to the cloud, it (and potentially several copies for safety) is saved to physical servers located somewhere in the world. While many of these servers have state-of-the-art security, others may not, and that might leave your data available to criminals. That’s why it’s important to encrypt your data when you backup and choose a reputable storage provider.

Make sure your data is safe no matter where it is located.

For more information, check out the Australian Cyber Security Centre, opens in new window.

Keep software, applications and operating systems up to date

Software providers release updates to protect you against security threats as well as to provide you with the latest in functionality. To leverage the benefits and protect your data, set automatic updates for:

  • anti-virus and security software
  • operating systems
  • web browsers
  • applications and web plug-ins.

Employee security awareness

Employee awareness is your first line of defence against data loss. Develop your own security awareness program and appoint a security advocate to help keep employees up to date.

Helpful resources

How we can help

If you’re a NAB customer and you believe your business or personal accounts have been impacted by fraud or a scam, we’re here to help. Explore the immediate steps you can take to protect yourself and discover when you should get in touch with us to make a report.

Learn what to do in the event of fraud or scams

Get updates on the latest fraud alerts

IDCARE

IDCARE is Australia and New Zealand's not-for-profit counselling and support service set up to assist Australians impacted by identity theft and cyber-related crimes.

IDCARE can assist NAB customers to navigate through the process when identity details or credentials have been compromised through fraud or scams. IDCARE is a free service for all Australians.

Learn more about IDCARE, opens in new window

Australian Government | Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together in a single location. It’s the hub for private and public sector collaboration and information sharing to combat cyber security threats. ACSC provides topical, relevant and timely information on how home internet users and small businesses can protect themselves from, and reduce the risk of, cyber security threats such as software vulnerabilities, online scams, malicious activities and risky online behaviours.

Learn more about the Australian Cyber Security Centre, opens in new window

Australian Government | ReportCyber

ReportCyber is a secure reporting and referral service for cybercrime and online incidents which may be in breach of Australian law. The ReportCyber website provides a cybercrime reporting mechanism as well as helpful information about cybercrime.

Learn more about ReportCyber, opens in new window

Australian Competition and Consumer Commission | Scamwatch

Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams using publications, videos and other online resources.

Learn more about Scamwatch, opens in new window

Australian Government | Office of the eSafety Commissioner

The Office of the eSafety Commissioner provides online safety education for Australian children and young people, a complaints service for young Australians who experience serious cyberbullying, and address illegal online content.

Learn more about the Office of the eSafety Commissioner, opens in new window

Australian Government | Attorney-General’s Department

The Attorney-General’s Department website provides helpful information and resources about your rights and protections in regards to identity security, freedom of information and cyber security. The Department has developed a range of resources to assist people protect their identity and recover from the effects of identity crime.

Learn more about the Attorney-General’s Department, opens in new window

Important information