How to Protect Against a Data Breach

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://independentretailer.com/2014/03/20/how-to-protect-against-a-data-breach/

In recent months, a combined 41 million customer credit and debit cards
were compromised, due to a string of cyber-attacks on two high-profile
corporate chain stores. As a small business owner, your footprint may be
smaller than a mass-market retailer, but you are subjecting yourself to a
huge risk if you are not making data protection a top priority.

Although it may seem like a time-consuming task, setting up proactive
security measures to help prevent network intrusion is well worth the
effort. The National Small Business Association reported that a single
cyber-attack costs a small business an average of $8,669.48, further
proving that data hacking is prevalent amongst businesses of any size. A
data breach on a small business does not only take a major toll
financially, but also may ultimately lead to decreased sales, reduced trust
and a tarnished reputation. Here are a few simple steps any small business
owner can take to help protect against a breach.

Protect computers and mobile devices

Install and regularly update antivirus and antispyware software on
computers and devices used in your business. Research shows that more than
nine out of 10 small businesses believe they are safe from malware and
viruses. However, with 52 percent of data hacks occurring through network
intrusion, according to a 2013 Data Breach Investigations Report, it is
crucial to not only take the first step of installing precautionary
software, but regularly maintaining it. In fact, 53 percent of businesses
check their computers on a weekly basis to ensure that antivirus,
antispyware, firewalls and operating systems are up-to-date, and 11 percent
never check them at all.

Secure physical and digital environments

Business owners need to understand how physical and digital environments
are interconnected. Security breaches, whether physical or digital,
typically boil down to access. Thus, securing the premises of any
establishment is a critical first line of defense in protecting
point-of-sale systems, computers and hard drives that live within the walls
of the business. The next layer of defense is to protect data on devices
using appropriate encryption and data security software, and similarly
protect mobile devices such as tablets and smartphones that are even more
vulnerable to be lost or stolen.  As a leader in protecting physical
domains of small businesses, ADT recently announced a partnership with
McAfee to bridge the gap between physical and digital security, and
ultimately introduce new solutions to address both areas of vulnerability.

Establish data security guidelines

Small business owners should create data policies and provide adequate
training to ensure employees are equipped to handle sensitive and
personally identifiable information (PII). The National Cyber Security
Alliance found that only 28 percent of U.S. small businesses have formal
Internet security policies, leaving the remainder at risk. Business owners
should start by assessing how they collect, process and store data, along
with identifying the individuals in their company who have access to
various levels of information. This exercise will help in identifying risks
and establishing policies and training unique to the business.

It is a new era in the world of cyber security, and as a small business
owner, vigilance is critical in protecting consumer and company
information. Act now, before a risk becomes a reality.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!