The first step in a holistic approach to data security is to look for ways to keep your own internal gatekeepers on the right page. As part of your company’s ongoing security training and awareness program, right now is the perfect time to remind employees of safe browsing techniques. The reason? Human nature says that work and personal lives are combined in our fast-paced world. People will be doing at least some portion of their online holiday shopping (or, at the very minimum, gift browsing) while they’re at work.
Unfortunately, shopping on the Internet is inherently dangerous. Hackers regularly target sites where they know credit card and other sensitive information will be gathered, because sometimes those sites aren’t as secure as they should be. And if one of your employees unknowingly visits a compromised website, there’s a chance they may bring malware or other threats into your business’s network. It’s a risk many SMBs may not think about, but it’s something that becomes even more important as employees’ online activities on prime shopping sites ramps up.
By protecting your employees from potentially dangerous Web-based threats, you’re also putting better safeguards around your customers’ data. If a hacker is able to infect an employee’s computer with an unauthorized program, they may now have access to the information you’ve been trying so hard to defend—customers’ names, e-mail addresses, your company’s financial information or credit card numbers and other payment information.
Even with the best education efforts on the part of the SMB and diligence exercised by employees, there’s still the possibility a compromised website will be visited and a virus or other malicious software will make its way into your network. Considering the very real risk these threats pose, SMBs should proactively leverage other tools already available to them to help avoid the potential for a data breach.
One strategy that offers significant protection without a lot of fuss is encryption. To ensure customer data remains safe, consider encrypting the sensitive and confidential data on your network. That way, if a hacker is able to gain access to your network, at least the most valuable information you have still won’t be exposed. Data breaches are costly even beyond fines, penalties, and the cost of repairing your systems. They also can have devastating effects on a small business’s reputation. Customers’ loss of trust is a difficult thing to rebuild. Encryption is a step that takes only a small amount of effort and resources up front, but can prevent big problems down the road.
Deena Coffman is CEO of IDT911 Consulting and Information Security Officer for IDentity Theft 911.