If you think that because you own a small business, you don’t have to worry about big business security threats like burglary, employee theft, and cyberattacks, you’re not alone. But that doesn’t mean you’re right.
According to a recent study conducted by security vendor Symantec and the National Cyber Security Alliance, most small businesses labor under a false sense of security when it comes to their online data. Nearly 80 percent of those polled said they lack a formal written Internet security policy for employees, with only 52 percent admitting they have a plan in place for dealing with hackers, viruses, or other cyber-ills. Also, less than one in ten small businesses were concerned with losing such critical data as consumer information even though such a loss would be ruinous to their business, with past statistics suggesting that roughly 60 percent of small businesses close within six months of a cyberattack.
These are shocking stats. And when you compound them with the fact that losses from physical theft cost U.S. businesses billions of dollars each year, there’s no doubt that the need to protect one’s premises, inventory, and intellectual property is more important than ever. How then can small business owners safeguard their property from criminals? And what about the ever-ubiquitous threat of hackers in cyberspace, who may steal with one flick on the keyboard the customer data that could be the lifeline for your business?
Consider the price of lost data
Savas Papadopoulos, chief technology officer of the Baltimore, Maryland-based FastNeuron Inc., sells backup software for servers and workstations and has over 30,000 users worldwide. He says the unique value of your data is a key variable to consider when looking at backup servers that will protect a small business’s information.
Papadopoulos urges small business owners to build in “redundant” systems and adopt a wealth of options, such as multiple backup servers. “[Small businesses] need backups in different locations in case their office is broken into, flooded, or catches fire,” he explains. “The most important thing business owners need to do is imagine the worst-case scenario: What if all your computers break down? This could happen if lightning strikes a nearby power pole and the surge enters the building. How much would it cost to reconstruct all the data? For most businesses, the cost of backing up is miniscule compared to the potential losses.”
Michael Krutikov, senior global marketing manager for Symantec’s SMB backup and recovery business, wholeheartedly agrees. He notes, “small businesses should understand what types of systems they have running, what types of applications they have and which files are most critical. It’s embarrassing to call your customers to request their information over again. Losing data really impacts small business [productivity].”
Evaluate the level of risk of potential on-site criminal activity
To prevent break-ins, all small businesses need to perform a risk assessment of their premises. For businesses that have a normal level of risk, the owner should install a burglar alarm, one that is functioning and serviced regularly. Plus, make sure that the employee access protocol list, which contains the name of several employees that a security firm will contact in the event that an alarm is activated, is up-to-date and active.
This is a critical best practice says David Walsh, co-founder of Netwatch a global provider of surveillance systems that counts small businesses as 85 percent of its client base. “It’s important that those three to four names are still active in the organization so they can be notified,” he says.
However, if you believe your business is at immediate high risk, then Walsh strongly recommends that you install a hidden surveillance system, such as a closed-circuit television (CCTV) that will detect criminal activity both inside and outside your property. (And if you think that the threat of employee theft is exaggerated, consider this: According to statistics compiled by the U.S. Chamber of Commerce, three out of four employees will steal from their place of business this year, one of those employees will steal repeatedly and 75 percent of employee-related crimes will go unnoticed. The Chamber estimates that employee theft costs American businesses between $20 billion to $40 billion a year).
To illustrate his point, Walsh relates an example involving a Boston-based client, Falmouth Toyota, a family-run car dealership. “They had situations whereby intruders would steal components of cars to resell,” he says. After Netwatch installed a CCTV on the premises, the culprits were caught engaging in the theft on camera and the information passed to police.
Train your staff to keep a lookout for suspicious customer behavior
Is someone lingering a little too long in the dressing room at your boutique? Or loitering at a display, their eyes darting around while their hands fiddle with your wares? Even if you do have CCTV presence in your store, you should never completely defer to technology. Always have staffers trained to spot potential shoplifters. Conduct training sessions on what to look out for and document these security policies in writing.
Keep private offices and filing cabinets locked at all times
This may sound like obvious common sense, but it bears repeating because it could prevent a loss of documents and avoid untold damage to your business. Nip it in the bud with this obvious security measure.
Use a non-generic password for servers and mail
Joel Gross is the founder and CEO of Coalition Technologies, a three-year-old LA- and Seattle-based Internet web design and marketing firm. He can vouch for this bit of advice about passwords from his own personal experience.
“I actually had a poorly constructed password for my Google Apps business account,” recalls Gross. “It was ‘p@ssw0rd.’ Someone was able to hack it and sent a bunch of spam e-mails to clients, which is very embarrassing since I run a web development firm and am supposed to know better.”
Gross advises small business owners to create computer passwords that are “necessarily complicated and have almost nothing to do with your business or products. Even for amateur hackers getting past generic passwords is very simple. Many of them keep running lists of the most common passwords. For instance, ‘technologies123’ would not be prudent. The best password will have nothing to do with your business and include number patterns as well as random capitalization. Also, if an employee quits or leaves on bad terms, make sure that all passwords are updated immediately.”
Whether it’s merchandise, money, or data, it’s imperative that all small business owners design and implement a security system that will prevent valuables from ending up in the possession of criminals. With businesses becoming a frequent target for criminal activity these days, there’s no excuse for security laxity. Investing in precautionary measures will safeguard your business and your time.