Online Security for Small to Medium-sized Businesses

While cybersecurity is an important issue for both small and big businesses alike, larger companies have a marked advantage when it comes to purchasing and implementing the systems necessary to keep their data safe. Even so, the little guys face the same critical concerns when it comes to warehousing sensitive customer information.

According to the National Small Business Association, 44 percent of small businesses say they’ve been victimized by a cybercrime of some kind at least once. And the cost of those crimes averaged nearly $9,000 each to rectify. Part of the cost is notifying customers of a data theft that might compromise their personal credit or other information. Nearly every state now requires businesses to tell customers if personal data has been lost or stolen. (Kehrer, 2014)

A recent study of cyber crime by the Ponemon Institute reflects the staggering costs inflicted upon businesses due to Illegal data breaches in 2013. German and US companies had the most costly data breaches($199 and $188 per record, respectively) These countries also experienced the highest total cost (US at $5.4 million and Germany at $4.8 million). (Ponemon Institute, 2013)
And while the cost of preventing or repairing the damage caused by cyber attacks can be expensive, the aftermath of the attacks can be devastating. Customers may be less inclined to patron an online business knowing that their personal information has been stolen in the past.

In a recent article published on the Department of Homeland Security’s website, implementation of the following practices was suggested for businesses looking to beef up their data security:
• Use and regularly update anti-virus and anti-spyware software on all computers; automate patch deployments across your organization to protect against vulnerabilities.
• Secure your Internet connection by using a firewall, encrypting information and hiding your Wi- Fi network.
• Establish security practices and policies to protect sensitive information; educate employees about cyber threats and how to protect your organization’s data and hold them accountable to the Internet security policies and procedures.
• Require that employees use strong passwords and regularly change them.
• Invest in data loss protection software for your network and use encryption technologies to protect data in transit.
• Protect all pages on your public-facing websites, not just the checkout and sign-up pages. (Department of Homeland Security, 2014)

As the Internet of today continues to replace the brick and mortar of yesterday, businesses of all sizes continue to search for ways to utilize the global market and unlimited sales and growth potential online commerce has to offer. Their success hinges not only on their ability to supply goods and services to their customers, but to keep sensitive customer information secure as well.

Resources:

Department of Homeland Security. (2014). Cybersecurity for Small and Medium-Sized Businesses and Entrepreneurs. Retrieved from Homeland Security: http://www.dhs.gov/national-cyber-security-awareness-month-2014-week-four

Kehrer, D. (2014, July). Cyber security growing problem for small business. Retrieved from AZCentral: http://www.azcentral.com/story/money/business/abg/2014/07/27/cyber-security-growing-problem-small-business/13242313/

Ponemon Institute. (2013). 2013 Cost of Data Breach Study: Global Analysis. Retrieved from Ponemon Institute: http://www.ponemon.org/local/upload/file/2013%20Report%20GLOBAL%20CODB%20FINAL%205-2.pdf