Cybercrime: aka being robbed blind via online transactions when you don’t even know it’s happening until it’s too late. If you’re involved in an online digital business opportunity, chances are you haven’t given cybercrime more than a passing thought, if that. But think again.
According to Verizon Communications Inc.’s forensic analysis unit, more than 70% of the 855 data breaches they analyzed last year happened in US companies with 100 or fewer employees. That’s up from 63% of the breaches analyzed the year prior.
No doubt about it, cybercrime is on the rise again. Trouble is many small business owners still don’t think it can happen to them.
Regrettably, a June 2012 study by The Hartford, a leading worldwide insurance and wealth management services provider, found that an astonishing 85% of small business owners simply don’t believe they could ever be a cybercrime victim. And as a result, far too many of them are taking few if any precautions to protect their personal, customer, patient and employee data.
“Most of the business owners surveyed believe they are not at risk, when in fact small businesses are increasingly being targeted,” according to Lynn LaGram, assistant vice president of small commercial underwriting at The Hartford. “As cybercriminals set their sights on smaller firms, it is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach.”
But it’s not just a lack of awareness about the real risks imposed by cyberthieves that is causing small business owners to drag their feet. There are also the financial implications. Small businesses oftentimes have limited budgets, and as a result web security just isn’t a priority. Furthermore, limited resources means they tend to have few if any technology experts on staff.
But is doing nothing really an option any longer? Not when you consider the possible implications.
According to one estimate, the average U.S. data breach cost a business as much as $194 per compromised record last year. Additionally, and a fact that many business owners don’t realize, any bank that provides what is considered to be “commercially reasonable security” will not be held liable for a small business owner’s losses as a result of cybercrime.
Okay, put into full context, perhaps spending a little money up front to avert a potential catastrophe isn’t such a bad idea after all.
So what can small business owners do to significantly reduce the likelihood that they will be a cybercrime victim? Here are some pointers from the experts:
• Keep sensitive personal, customer, patient and employee data locked up and secure
• Restrict employee access to sensitive data as well as online access to social networking and other sites that are attractive to hackers and may carry viruses
• Dedicate one computer to payment processing and use it for nothing else, and invest in reliable controls to protect it
• Shred and carefully dispose of sensitive data of all kinds
• Use password protection, and change passwords in complex and significant ways often
• Use data encryption
• Update computer software and malware frequently and regularly
• Use firewalls to control access
• Secure remote access to the company network
• Ensure the bank that processes outgoing payments employs air-tight fraud protection practices that are above and beyond what is deemed to be “commercially reasonable”
• Require verbal authorization from a sanctioned company representative for all outbound transactions, or even just those over a certain amount
• Purchase an insurance policy that covers the costs of recovering from a data breach
• And finally, do some homework in advance to know who to call in the event of a cybercrime emergency, such as your bank’s security department or a certain branch of law enforcement.
For a more in-depth look at the The Hartford’s survey findings, click here. And for a great overview of the very real threat posed by cybercriminals, we recommend you click on this recent Wall Street Journal article now!