Bigger companies incorporate off site data destruction practices, small businesses often don’t have the financial resources to house large scale IT departments, purchase the latest and greatest technology or invest into data security.
Many a cash-strapped small business finds itself operating its critical systems on computers that are old, slow and often times insecure. This leaves them susceptible to a wide array of security pitfalls and privacy threats, including data leaks and identity theft.
Fortunately, beefing up your security doesn’t necessarily mean draining your bank account. There are many inexpensive options to improve the security of your small business and protect your information.
Geoffrey Arone, serial entrepreneur and co-founder of SafetyWeb, gave his take on 10 very real threats facing small businesses and how they can be addressed in ways that are free or inexpensive.
1. Data Breach Resulting From Poor Networking Choices
Enterprise-level networking choices that are found in large IT departments around the world carry costs that price small or medium businesses out of the market. SMBs that have networks often use networking devices targeted at home users. Some may forgo the use of routers at all, plugging directly into the internet.
Business owners can block most threats by using a quality router, like a NETGEAR or Buffalo brand router, and making sure to change the router password from the default to something more secure.
2. Data Breach Resulting From Improper Shredding Practices
Trivial as it may seem, dumpster diving identity thieves target businesses that throw out paperwork without shredding it. Your small office shredders will NOT suffice for a secure document destruction, but a industrial paper shredding company is a wise investment if private or sensitive information is printed and shredded daily.
3. Identity Theft Resulting From Public Databases
Individuals, especially business owners, often publish lots of information about themselves in public databases. Businesses are registered with governments, telephone numbers are in the phone book, and many individuals have social media profiles with their address and date of birth. Many identity thieves can use information obtained across various public forums to construct a complete identity.
4. Identity Theft Resulting From Using A Personal Name Instead Of Filing An OA
Sole-proprietors that have not registered a business name to receive “operating as” designation are at a far higher risk of identity theft due to their personal name, rather than their business name, being published publicly.
5. Tax Records Theft Around Tax Time
Businesses should ensure that tax returns are dropped off at the post office and refunds are collected promptly from the mailbox. Identity thieves often steal tax returns from an outbox or mailbox.
6. Bank Fraud Due To Gap In Protection Or Monitoring
Business owners know that it is vital to balance their accounts every month to ensure that checks are not being written out of business funds by embezzlers, but many businesses rarely, if ever, check what kind of credit accounts have been opened under the business name. Monitoring services like myID.com can alert business owners when new credit accounts are opened fraudulently.
7. Poor E-mailing Standards
Many businesses treat e-mails as confidential communications, but this is far from the case. They are available to a number of people other than the recipient. It’s more appropriate to treat e-mails as postcards, rather than sealed letters.
8. Failing To Choose A Secure Password
In fact, many security experts are recommending the use of a pass phrase, rather than a pass word. Pass phrases are several words long, at least three, and are far more secure than passwords. A pass phrase like “Friday blue jeans” can be typed far quicker than a complicated password, and it doesn’t need to be written down on a post-it. The length of a password increases security.
9. Not Securing New Computers Or Hard Drives
Businesses that had their IT system professionally installed may opt to upgrade a computer or two by themselves. This is strongly discouraged on a business network, as new computers must be professionally secured or else they pose a serious threat and an entry point for hackers.
10. Social Engineering
Social engineers are individuals that call and claim they are from another organization. They may even claim to be with a firm that a business owner does business with. If someone you do not know calls on the phone, be sure that it is the person you think it is before revealing passwords or confidential information.
For more information on a paper shredding or confidential document shredding service in the Cork, Limerick, Galway and Dublin area, please visit: http://www.securityinshredding.com/
Like, Subscribe and Follow us on Twitter: @Securityinshred