There are simple measures every business can put in place to avoid the risk of cyber-attacks.
Protecting your business data is as important as protecting your physical assets. While insurances can cover the cost of replacing building infrastructure, inventory, machinery and equipment or vehicles, business data is not so easily replaced.
What is business data?
Data is the lifeblood of your business. Think about all the databases and information you’ve invested time and effort in building over the years, including your customers’:
- personal and business details
- payment details and order history
- name, phone number and address
- relationship history with your business.
As well as business records such as your:
- business strategies and market intelligence
- contracts and legal documents
- emails and attachments
- intellectual property
- marketing database
- payroll and employee data
- product inventories
- taxation records – past and present.
Your business data is your business. The success of your business depends on it.
Why criminals target business data
Your data is a valuable business asset which can be monetised by cyber criminals. Criminals can sell your data wholesale to others for mailing lists, identity theft, phishing, ransomware and scams, or even to your competitors. Your business data can be worth a lot of money in the wrong hands.
How is business data lost?
Criminals can infiltrate your computer systems, via phishing or malicious software, in order to steal your business data and on sell it to other criminals or your competitors (this is known as a data breach).
Or your computer systems may be targeted with ransomware, which encrypts your files, rendering them useless.
In addition to the malicious threats posed by cybercriminals, consider the damage that can be caused by your own employees, such as:
- accidently sending confidential information to the wrong person
- losing a phone or storage device with customer information on it.
Whether by human error or crime, the result for your information, your business, and your reputation is the same.
How much would it cost to recover your lost business data?
Studies show that a business may lose 30% of their customers following the loss of customer data. It costs up to $142 per record to replace. Losing business data could mean losing your customers, your income and your employees. It could also destroy your reputation as a trusted business.
While it may be possible to recover or rebuild your business data over time, your business may not be able to operate for long, or at all, without it.
What can you do to protect your business data?
Investing time and effort in developing a business data protection plan is the best insurance for protecting your valuable data.
A business data protection plan includes researching and investing in:
- a firewall to block unauthorised access to your office network
- secure backup and recovery systems and processes
- solid password and administration processes secure storage.
It also includes regularly:
- scanning your computer systems for threats with an up-to-date anti-virus software
- keeping Operating Systems, applications and web browsers up to date.
Above all, ensuring your employees are aware of how to manage business data securely is the safest insurance for protecting your data.
Block unauthorised access to your network
Install a firewall to block unwanted access to your network. You can find out how to activate a firewall by searching on the Support pages of Microsoft’s website or the Support page of Apple’s website.
Limit the number of employees with full administrative access to your network. You can do this by checking the settings and options available on your network router.
Importantly, the success of blocking unwanted network access is dependent on strong passwords.
Backup your data regularly and practice recovering it
Your business data should be backed up outside of your day to day office network. Backup data to cloud storage or an external hard drive that’s separated from your network. A secure copy of your data ensures that if anything goes wrong, you can always get access to it.
If you’re using external storage media, make sure you store it securely off-site. Unless you’re performing a backup, always disconnect it from your network. Give it a test run regularly to make sure you can recover your data if you ever need to.
Know where your business data is stored and the devices that can access it
Any device that connects to your office network in any way is a risk to your business data. Ensure that all your employees:
- secure their mobile devices with a PIN or password
- only use secure Wi-Fi to access any information related to your business
- minimise the business information they store on their mobile devices, including emails.
Storing your data in the cloud
Cloud storage services are useful if you want to make sure that your data is backed up and accessible anywhere. But, where is The Cloud?
The cloud is simply someone else’s computer. Any time you backup or save your data to the cloud, it (and potentially several copies for safety) is saved to physical servers located somewhere in the world. While many of these servers have state-of-the-art security, others may not, and that might leave your data available to criminals. That’s why it’s important to encrypt your data when you backup and choose a reputable storage provider.
Make sure your data is safe no matter where it is located.
For more information, check out Stay Smart Online's Backups Business.
Keep software, applications and operating systems up to date
Software providers release updates to protect you against security threats as well as to provide you with the latest in functionality. To leverage the benefits and protect your data, set automatic updates for:
- anti-virus and security software
- operating systems
- web browsers
- applications and web plug ins.
Employee security awareness
Empower your employees through awareness. Employee awareness is your first line of defence against data loss. Develop your own security awareness program and appoint a security advocate to help keep employees up to date.