How to Reduce Business Data Breach Risk?
Businesses getting a lot of data and information like customer names, addresses, phone numbers, passwords, and payment information.
There is also a great deal of internal data required for day-to-day management of businesses, such as employee records, IDs, network passwords, patents, and other corporate intellectual property. All of this data is something hackers want to get their hands on.
Not doing so is becoming riskier and can cost you more money each year.
The cost of a breach continues to rise as well — the average cost of a breach in the United States is $8.2 million. That is 4% higher than in 2018 and 61% higher than the global average cost per breach.
Costs of a breach cover a number of activities, from identifying that it has occurred to contacting those affected, paying regulatory fines and of course, loss of business.
Based on cost per employee, smaller businesses can suffer disproportionately more cost than larger enterprises.
According to statistics collected by “Small Business Trends,” 60% of small companies are out of business within six months of a cyberattack. On top of all that, McAfee, a leading antivirus provider reports that more than 480 new high-tech cyberthreats are introduced every minute.
Here are some of the things any business can do to reduce the risk of a data breach and help reduce the cost of one if it happens:
Here is the 10 TIPS you can implement, although we do recommend a customised solution.
1. Create a business data security policy explaining which data is considered sensitive, the methods and processes in place to secure that information, and how you will keep the security policy current.
2. Train your employees on a regular basis about company security policies and processes. Majority of breaches occur because an employee does something they weren’t supposed to do like open a file from a suspicious or unfamiliar email, download customer information to a USB drive and leave it somewhere, or send a job to a printer then forget to pick up the print from the exit tray.
3. Use secure passwords and change them regularly.
4. Use and enforce authentication on any device or service connected to the network. This covers printers and MFPs along with laptops and PCs. Multifactor authentication is even better.
5. Encrypt files that contain sensitive information.
6. Make sure a firewall is present, all network devices are behind that firewall, and anti-virus/anti-malware software is activated in the device.
7. Patch and update software and firmware on devices such as printers and MFPs as soon as those patches and updates become available.
8. Finally, monitor and automate those tasks
Use devices that, at startup, verify that their boot code, operating system, and applications running on the device have not been compromised and if they have, issue a warning and not startup.
9. Shred files that are at the end of their life and not needed any longer. This includes shredding of physical documents and digital shredding of documents on hard drives of devices.
10. Have a response plan if a breach does occur. How will you contact those affected, how will you recover the data, how will you regain customer and employee trust?
This all may sound overwhelming, so to help you protect your business, we offer managed IT solutions.
Comments are closed