Joseph Feiman, VP and Gartner Fellow recently stated that “by 2020, enterprises and governments will fail to protect 75 per cent of sensitive data” and went on to explain that “protecting all data is not only unrealistic, but is also unnecessary, because much of the data that we think is sensitive is not.”Referencing the universal ability of users to find information via open sources on the internet, Feiman cites most data privacy efforts as insurmountable challenges that produce wasted efforts. “Overall, there is no need, nor are there abilities, budgets and resources, to protect as much data as is stored (and keeps accumulating).” So, as a small business, where do you draw the line on realistically protecting your sensitive data and wasting valuable resources such as time and money? There is no getting away from the fact that you are likely to have IP that, if it fell into the wrong hands, could expose your business to, at worst collapse and at best, damage. It may also be that you have customer or client data that you need to protect. What’s more, there’s no doubt you’ll be sharing information and data across different devices and on different platforms with a whole host of business collaborators, some of which will be sensitive and some of which won’t. It’s for all these reasons (and probably a few more) that it’s essential to take a balanced and commercial view on the risk of digital security breakdowns and take fitting and appropriate actions to protect their affairs. Here are our seven top tips:
1. Critically assess the REAL level of risk you’re facingWhile it’s virtually impossible to put a £ value or price on data or information, it’s essential that you are aware of the level of risk to your business of having your security undermined. It’s only too common for innovators and entrepreneurs to live in fear that their idea will be copied or stolen; but how real is that fear? What would be the result of your data or information being hacked? Would the hackers know what to do with it? Would they value it as highly as you do? Often, the answer to these questions is “No”, but only you can decide.
2. Get the right toolsAt a very basic level, it’s essential that your business has reliable and quality protection tools in place; such as anti-virus and firewall software and that they are regularly updated.
3. Change your passwordsIt sounds really obvious, but making sure your passwords are regularly updated and are strong is an absolute basic. Also making sure you have a password strategy that’s hard to crack on the outside will help. Only too often people use the same password across their entire password protected systems. This approach is like having the same key to open your house door, start your car and unlock your office suite – in short, it’s a security ‘no-no’.
4. Keep your software currentOut-of-date software is one of the biggest exposures you can have to hacking. When new versions of software come out, the hackers need to work out how to beat the system; so staying current helps keep you ahead of the hackers.
5. Send and receive money securelyIf you send and receive money online in your start-up, make sure your systems are secure. What you need to look out for here is the SSL logo or VeriSign confirmation that security standards are protected. Although lots of people shy away from it, PayPal is arguably one of the simplest and most secure global payments systems in use today.
6. Micro-manage employeesAlthough your employees are more than likely ‘on side’ when it comes to respecting confidentiality, they are human. Human error accounts for a significant number of security breaches worldwide and well-trained and vigilant employees are less likely to make errors than employees who are working in the dark. You should also be wary of employees using their own devices for business purposes, simply because they mightn’t meet your business’ security standards.
7. Develop a disaster planOnce you have appropriate digital security policies in place, top them off with an ‘If all else fails’ plan. Hopefully you’ll never need it, but at least that way, if you are exposed to a security breach, you know what to do and can act commercially and calmly to get your business back on track. These things take time to set up but are key to ensuring leakage doesn’t happen and if it does, that your business is as protected as it can be. Peter Andrew is head of innovation at Alba Innovation Centre.
Share this story