In this day and age the risk of a data breach remains an ever-increasing issue. Smaller businesses who keep data are a major target, especially if that small business deals with client finances, banking information or social security information. As small businesses are trying to compete with the larger companies they open themselves up to additional avenues in which data breaches might occur. This can include, but by no means is limited to, a lost or stolen device, hacking, fraudulent activity, improper disposal of data, errant e-mails, failure to encrypt sensitive data, and even failure to have the appropriate operating systems and data storage.
It is key to take the appropriate steps to protect both your small business and your clients. This can include, but is not limited to, making sure that not only are any mobile devices password protected, but that you can wipe the device if it is lost or stolen. Companies, such as Apple and Microsoft O365, offer systems in which this can be done at the click of a button. Furthermore, there are firewalls and encryption services that can be added to any system to make it harder for hackers to steal important and sensitive information.
Another way to help keep your information safe is to have a plan in place to back up your files and secure information. Whether that be storing your information on site on a server, off-site or in the cloud, make sure the company you decide to utilize has strict and secure protocols and procedures to prevent against hackers.
If commercial information is compromised, the related damages can also be significant. Ponemon Institute’s “2011 Cost of Data Breach Study: United States” indicated that the cost per record of a data breach was $194 in 2011. This includes the average of both direct and indirect costs. The U.S. Government Accountability Office’s 2012 report “Identity Theft: Total Extent of Refund Fraud Using Stolen Identities Is Unknown” indicated that during the first three quarters of 2012 the IRS identified 642,000 incidents of identity theft.
Stealing information is not just to obtain refunds from the IRS. Cybercriminals are searching for information to gain control over existing financial accounts, steal trade secrets, assume identities for credit or health insurance, engage in third party fraud or access other systems providing more lucrative information. Take for example a CPA’s records; they are a virtual treasure chest for cybercriminals.
It is important to implement data protection protocols regardless of the size of your business and the type of business. Do you have a Data Breach Response Plan? Here are some things to consider when either developing or revamping your Data Breach Response Plan:
When selecting cybersecurity insurance keep in mind that policies which include coverage from the earliest part of an investigation are preferable. Furthermore, when selecting an insurance provider, the following questions are good to keep in mind:
Does your policy cover:
For further questions regarding the protection of your business, please do not hesitate to contact Hunter Business Law.
DISCLAIMER: This blog is for educational purposes only and does not offer nor substitute legal advice. Additionally, this blog does not establish an attorney-client relationship and is not for advertising or solicitation purposes. Any of the content contained herein shall not be used to make any decision without first consulting an attorney. The hiring of an attorney is an important decision not to be based on advertisements, or blogs. Hunter Business Law expressly disclaims any and all liability in regard to any actions, or lack thereof, based on any contents of this blog.