According to statistics, 70% of small businesses, affected by data breaches, go bankrupt
How to protect your business from information leakage.
Since 2006, 17 May has been celebrated annually as World Telecommunication and Information Society Day . In honor of this event, PaySpace Magazine offers 7 tips for small business owners to protect their customers' confidential information.
First, you need to have a clear understanding of the possible threats. Among the most common reasons for the leakage of confidential information, experts at the Privacy Rights Clearinghouse point out the following:
1. Inadvertent disclosure or untrustworthy employees.
Someone from an organization may accidentally or deliberately send confidential information about a company or customer to a website (for example, a social network) or via email.
2. Hacking or malware.
Attackers gain access to your computers or servers (usually due to weak passwords or misconfigured firewalls) and steal or destroy data using malware.
3. Fraud with plastic cards.
Most often, information about bank cards is stolen by hacking payment terminal systems.
To save money, many small businesses use a shared file storage server. This means not only that many different sites, programs and scripts are launched on one machine. But also the fact that in addition to your company's employees, other people also have access to your server. Thus, your site may be more vulnerable due to the weak security of another site. Although a dedicated server is more expensive than a general one, using it will significantly reduce the chances of your site being hacked.
Keeping confidential information unencrypted always puts it at risk of leakage. In addition, by sending data over the Internet through an improperly secured channel, you yourself open the door to cyber fraudsters.
You can use an already hacked site for some time without even knowing it. Therefore, it is necessary to use services that protect your site and its visitors from possible hacking threats and malware.
As part of the privacy policy, people who “do not need to know” should not have access to personal data and documents of customers, both in paper and electronic form. If any of your employees need to access the corporate network while traveling or working remotely, make sure their laptop offers secure VPN access.
The media have repeatedly talked about cases where information leaks occurred after documents were thrown away. Any existing consumer data in paper form that you no longer need must be destroyed by incineration or shredding. To get rid of data in electronic format, it is better to use special cleaning programs that can completely delete the selected files on the hard disk.
Advanced developments offer new and fairly reliable methods of ensuring security. For example, there is special software for a computer that uses face recognition technology. It is able to distinguish whether an employee is looking at the screen or not. When he looks away, the image on the screen is blurred and becomes illegible for strangers.
Whatever level of security your enterprise adheres to, it is always worth having a clear plan of action in case of information leakage or breach. Think about how and through what channels you will notify clients if necessary, whether you can engage specialists in time to correct the situation. This will allow you to quickly respond to a possible incident and significantly reduce the negative consequences for both customers and your business reputation.
How to protect your business from information leakage.
Since 2006, 17 May has been celebrated annually as World Telecommunication and Information Society Day . In honor of this event, PaySpace Magazine offers 7 tips for small business owners to protect their customers' confidential information.
First, you need to have a clear understanding of the possible threats. Among the most common reasons for the leakage of confidential information, experts at the Privacy Rights Clearinghouse point out the following:
1. Inadvertent disclosure or untrustworthy employees.
Someone from an organization may accidentally or deliberately send confidential information about a company or customer to a website (for example, a social network) or via email.
2. Hacking or malware.
Attackers gain access to your computers or servers (usually due to weak passwords or misconfigured firewalls) and steal or destroy data using malware.
3. Fraud with plastic cards.
Most often, information about bank cards is stolen by hacking payment terminal systems.
To save money, many small businesses use a shared file storage server. This means not only that many different sites, programs and scripts are launched on one machine. But also the fact that in addition to your company's employees, other people also have access to your server. Thus, your site may be more vulnerable due to the weak security of another site. Although a dedicated server is more expensive than a general one, using it will significantly reduce the chances of your site being hacked.
Keeping confidential information unencrypted always puts it at risk of leakage. In addition, by sending data over the Internet through an improperly secured channel, you yourself open the door to cyber fraudsters.
You can use an already hacked site for some time without even knowing it. Therefore, it is necessary to use services that protect your site and its visitors from possible hacking threats and malware.
As part of the privacy policy, people who “do not need to know” should not have access to personal data and documents of customers, both in paper and electronic form. If any of your employees need to access the corporate network while traveling or working remotely, make sure their laptop offers secure VPN access.
The media have repeatedly talked about cases where information leaks occurred after documents were thrown away. Any existing consumer data in paper form that you no longer need must be destroyed by incineration or shredding. To get rid of data in electronic format, it is better to use special cleaning programs that can completely delete the selected files on the hard disk.
Advanced developments offer new and fairly reliable methods of ensuring security. For example, there is special software for a computer that uses face recognition technology. It is able to distinguish whether an employee is looking at the screen or not. When he looks away, the image on the screen is blurred and becomes illegible for strangers.
Whatever level of security your enterprise adheres to, it is always worth having a clear plan of action in case of information leakage or breach. Think about how and through what channels you will notify clients if necessary, whether you can engage specialists in time to correct the situation. This will allow you to quickly respond to a possible incident and significantly reduce the negative consequences for both customers and your business reputation.
