You’ve seen the headlines about businesses having major data breaches. The ones that make the news are usually large global corporations with thousands of customers: a lucrative target for hackers. You may think that as a small business, you don’t have to worry about this stuff. Who’s going to be after your data?
The reality is that small businesses are at huge risk. According to research by McAfee, 45 per cent of SMBs experienced a targeted electronic attack in the past twelve months, and 21 per cent were attacked three or more times. You can’t stick your head in the sand: data security is everyone’s business.
So is your business data secure? Here’s a checklist of things to consider.
1. Your own privacy obligations
If your business collects personal information, it may have obligations under the 1988 Privacy Act as well as the more recent Australian Privacy Principles to protect customer data. For this reason it’s critical that you keep your data secure. Make sure you’re aware of what your responsibilities are.
2. Your provider’s security
Software and datacentre providers are also required to comply with Australia’s strict data protection laws. Because of this it’s important to choose a reputable company with stringent privacy and security policies of its own, that stores its data in secure data centres. Well known, listed companies have extra levels of legal and financial scrutiny and can be more reliable.
3. Your network security
If you haven’t put your data in the cloud, then you need ensure your own network is secure. Not just against cybercrime but also possible disasters. From firewalls to anti-malware protection, ensure you are secure. Invest in a professional security audit: it could save you multiple times over in the long run.
4. Your disaster recovery plan
Fire, flood, hardware meltdowns: there are any number of disasters that you can’t anticipate that could result in catastrophic data loss. Do you have a Disaster Recovery plan? If not, set one up and test it. How quickly can you restore your data from a back up? Every hour you are out of operations you could be losing customers. If you’re with a cloud provider, what’s their uptime and recovery time?
5. Your accounting software
Fraud and industrial espionage are another potential threat. No matter how small your business, your data is valuable to a competitor somewhere. Even if you managed to identify and prosecute the perpetrator after the event, the damage is done. Professional small business accounting software can help protect you against internal fraud as it has built-in audit trails. It also lets you customise access levels to different employees.
6. Your historical data
Having access to past data helps you make better future business decisions and also facilitates any audits. It’s actually a legal requirement under Section 286(2) of Australia’s Corporations Act for financial records to be kept for seven years. Keeping these records in a physical form can be costly, but fortunately you’re allowed to keep them electronically. This is something that a good online accounting package can handle for you. It’s all online and filed and stored by date, so you can ditch the dusty filing cabinets and pull up whatever you need, when you need it.
A data security breach is a nightmare on many fronts, and it’s no wonder that a serious breach can drive a business to bankruptcy.
- You’ll face possible financial loss from the disaster itself
- You may be hit with hefty fines – of up to a million dollars – for failing to protect customer data
- Your competitors may get their hands on sensitive commercial information
- There’s the cost of crisis management, such as notifying customers and possibly hiring a crisis public relations firm
Finally, however you handle it you’ll likely face customer loss. A Ponemon Institute study found that 29% of existing customers would end their relationship with a company following a data breach.
Could your business cope with these kinds of issues? Most couldn’t. That’s why you should make business data security a priority.