It seems that every week, the media becomes aflutter with the story of a new gigantic data breach that has exposed thousands of individuals’ private data to malicious hackers. For consumers, this information is shocking and scary — but for businesses, especially entrepreneurs and start-ups, the threat of data theft is absolutely terrifying. If massive corporations like Target, Niemen Marcus, Home Depot, and others can’t avoid security breaches, small businesses must surely be easy targets for savvy hackers.
Fortunately, small businesses can be protected without million-dollar budgets. With the following simple strategy and a company-wide emphasis on data security, any business should stay safe and secure from the hacking threat.
Use Trustworthy Software
A small business is only as secure as its weakest software, which means that most small businesses rely on the strength of their point of sale (POS) systems to keep customer information safe. Not all POS systems are reliable; just last year’ Apple’s Square software was revealed to transfer data unencrypted from its reader to the mobile device, which provided an easy gap for talented hackers to exploit.
Fortunately, other mobile card readers are safer. As long as companies find POS software that complies with the Payment Card Industry Data Security Standard (PCI DSS) and they know how and where their software uses customer data, small businesses should remain secure.
Don’t Store Sensitive Information
There is a big push in modern marketing to collect and store as much data as possible. Big Data, as the exabytes of information are called, is used to refine a company’s selling strategy, improve communications with consumers, and various other tricks to increase the bottom line. As a result of this trend, plenty of small business owners have begun collecting their customers’ addresses, phone numbers, payment information, and more and storing it to ostensibly use “later on.”
This is a bad idea. The more personal information a small business saves on its servers, the more tempting it becomes as a hacking target. Small businesses who want to keep track of their customers should limit the type of information they store to harmless data, such as names and email addresses. Then, if a security breach does occur, you can happily inform your customers that their card numbers are perfectly safe.
Tell the Truth
Small businesses who must collect data should be transparent about its use as well as the company’s measures to keep personal information safe. Customers are more likely to relinquish sensitive material if they are comfortable and confident with the small business asking for it. Plus, if a leak does occur, customers will know exactly what information was at risk, and they will be able to act fast to keep their own funds safe.
Know Your Employees
People like to imagine hackers as faceless computer geeks living in shady, malicious Eastern European countries, but in reality, studies show that most leaks are caused by careless or spiteful insiders. That’s right — small businesses have the most to fear from the employees that keep the company running.
Therefore, it is important that small businesses approach every interview as a potential threat to security. Assembling a trustworthy team is a good first step, but small businesses should also strive to ensure employees follow all security rules.
Know Your Customers
Even the lifeblood of the small business, clients and customers, may pose threats to security, especially for online vendors. Small businesses should pay attention to buying behaviors that might signal a scam. Any of the following activities by new or unknown customers may indicate that a thief is trying to circumvent security measures and rob a small business blind:
- Purchases in bulk, indiscriminate of products’ size, color, or style
- Expensive purchases made without questions
- Multiple purchases during early morning or late night
- Attempts to rush or distract the cashier during purchasing
- Multiple purchases and returns in the same day
Continue to Improve Security
It is never enough to install a firewall and a handful of deadbolts and assume the business is secure. Small businesses should always be on the lookout for updates and new versions of trustworthy software that can keep their data safe. The war wages on between hungry hackers and savvy small businesses, and complacency is never a welcome attitude.