Just imagine it
How would it be if one day you lost your financial data, your customer records or your inventory database? And what if your company’s sensitive personal information landed in the wrong hands?
Significant data loss can easily bring a business to its knees. And if you’re a small to medium-sized organisation, you may be particularly vulnerable. When it comes to cyber breaches, criminals find SMBs the easiest targets. Ransomware attacks on SMBs – where business data is held hostage in return for payment – are rife in Australia, second only to the US.
No business is immune, and the risk is real. If it hasn’t happened to you already, there’s no guarantee it won’t happen in the future. So, what can you do protect your business from, and deal with, data loss?
Here are some tips.
Do a data inventory
Prepare a data inventory that sets out what data you have, in what locations and their priority level in terms of security needs. What types of data can you least afford to lose? Business-critical data should be given the highest priority and be the initial focus of your data security plan. From there, develop a set of policies for protecting that data. These policies may include determining who in your business can access what data, limiting access on a ‘need to know’ basis. It would also be smart to set security protocols for mobile devices such as laptops, smartphones and tablets.
Store important data offsite
While it’s highly unlikely that your office will ever burn to the ground, treat your data as though it’s a real possibility. If your data is backed up using technology that’s located in your office only, your firm is vulnerable. Have your data backed up in at least one safe, offsite location (including a trusted cloud services provider). Update your business information as frequently as you possibly can. Losing half a day’s data might be a manageable inconvenience, but the loss of a month’s worth could stop your business dead in its tracks.
Keep your software and systems up to date
If it’s been a while since you’ve updated your operating systems and software, you’re at a greater risk of a data breach. While software vendors can’t completely protect you from malware, their software updates often contain bug fixes and ‘patches’ that address the latest security threats. Be sure to install operating system and software updates, especially antivirus software, as soon as they’re released.
If a mobile device gets lost or stolen, it’s critical that the business information they contain is protected.
Encrypt your data
These days employees often hold business data on their laptops, tablets and smartphones. If one of these devices gets lost or stolen, it’s critical that the business information they contain is protected. Encryption ensures that only an authorised person – typically the device owner – can access the data. Fortunately, most business software applications have encryption built in. You’ll have to go through a few steps to activate it but it’s well worth the trouble. There are also plenty of data encryption software tools to choose from, tailored to the needs of your business.
Educate your staff
It’s been estimated that at least half of data loss incidents occur because employees don’t know how to properly safeguard data or are simply careless. Educate your staff (or have them educated) on the importance of data security. Make sure everyone is aware of your company’s data protection policies and let them know what data they can and cannot access and store on their computers and mobile devices. Your employees may, for example, be unaware of the dangers of malicious email attachments, restricted websites, weak passwords and other access points commonly used by online criminals.
In case of trouble, use professionals
Most SMBs don’t have the internal expertise to properly manage a significant data loss incident. Allowing a non-expert to recover lost data may, in fact, make the problem worse. Best bet is to engage a reputable disaster recovery service provider. Ideally you would have already done your research on the best vendor to call on in the event of lost data or a cyber attack.
A final word…
Between now and the end of 2018, many Australian businesses will experience a destructive data loss incident. The stakes are simply too high not to act. The more you focus on data security, the more you ensure the future survival and prosperity of your business.