Top Small Business Security Mistakes – Part 1

Excerpted from FoxBusiness News

Security is an important part of any business now a days, large or small.  If your network is breached, the additional costs, and a tarnished reputation may be difficult to remedy, and customer trust is tough to regain once personal information has been compromised.

Nobody is perfect, but here are a few ways to help you protect your business, customers, and integrity

1. Ignoring blind spots

In small businesses, technical expertise is generally not deep. Rather, the folks in charge of protecting data are often performing other job functions in the company. If your staff lacks expertise in a given area, it is important to invest in regular security-health checks with subject matter experts to ensure each solution you have in place continues to remain optimally configured and operating at peak performance.

2. Thinking your size makes you immune

Many small companies believe their size means they are immune to break-ins, IP theft or other issues; they may feel only bigger organizations will be targeted. This leads to a piecemeal security portfolio put together with cheap point solutions, freeware and no way to consolidate the information. Don’t think it won’t happen to you; always make precautions and take threats seriously.

3. Not checking your work

Just as a writer’s work is reviewed by an editor, your work may benefit from a second perspective. In one instance, an administrator at an oil and gas company manually input a policy that included a typo. This left a huge hole, which was open and susceptible to attack. Having your work reviewed by a second set of eyes, be it from a colleague or a consultant, can help avoid simple errors and help protect your business.

4. Viewing compliance as a "checkbox"

PCI, the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA) and other regulations are not just points to cross off your list. To get out ahead of audit findings, implement industry best practices such as those set forth by the Center for Internet Security (CIS), the SANS Institute or even Microsoft Hardening Guidelines. Nothing ruins your week like tracking down lost data or a root cause, so embrace a security mindset and view it as a responsibility, not a chore.

More helpful tips next week in part 2

For system questions and concerns, contact the CCS Retail Systems Support Department at 800.672.4806 or email us.

-Bryan

Leave a Reply