Today is Data Privacy Day and it’s a good time for small businesses to consider how you are protecting your business and customer information. With recent threats like Wikileaks and various attacks targeted at stealing banking credentials, Data Privacy Day couldn’t have come at a better time. I encourage you to celebrate this day by looking at your data privacy practices and considering what you need to do to keep your customers’ personal and financial information safe.
So much of our valuable business information resides on computers, so I’m not surprised that our Symantec 2010 SMB Information Protection Survey found that almost three-quarters of small businesses are somewhat/extremely concerned about the loss of crucial business information. This concern is based on experience – 42 percent have actually lost confidential or proprietary electronic information in the past.
Here are some tips to ensure that your business is not part of the 42 percent that has compromised the privacy of its customer and business information:
Know what you need to protect: Today, small businesses’ critical information lives beyond the walls of the office on laptops and mobile devices. Look at where their information is being stored and protect those areas accordingly. To ensure the business is protected, focus on protecting your confidential information wherever it resides, as opposed to protecting the device.
Enforce strong security policies: It is important to enforce password management for managers and employees. Maintaining strong passwords will help you protect the data stored on a laptop if a device is lost or hacked. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Have employees change their passwords on a regular basis, at least every 90 days.
Encrypt your information: Encryption technology should also be implemented on desktops, laptops and removable media. With encryption, your confidential information is protected from unauthorized access, providing strong security for intellectual property, customer and partner data.
Keep it clean: One of the most important yet simple steps to protect your important information is implementing comprehensive endpoint protection on your company systems. Businesses must always keep the program up to date and take action to remove threats caught by the program – ensuring that nothing malicious is passed through the business to customers. Incidents where harmful content is exchanged will surely reduce trust in an organization and give customers cause to find a new merchant.
Data Privacy Day is a great milestone for evaluating the effectiveness of your security strategy. Protecting your business and customer information must be an ongoing focus for you and for each of your employees.