Skip to main content

Security

5 Steps to Protect Small Business Data

Many small business owners understand and are aware of the risks of data loss, yet feel they do not have proper financial and human resources to effectively protect their business.

retail security data 1  5727a9a04482c

Data anxiety among small business owners results from not having adequate resources to properly manage information security. While the threat of an information security breach is an increasingly widespread problem for businesses of all sizes, it is especially prevalent for small businesses. A Ponemon Institute survey found that 55 percent of small businesses have had at least one data breach and 53% of those businesses had multiple breaches1.

Many small business owners understand and are aware of the risks of data loss, yet feel they do not have proper financial and human resources to effectively protect their business. The 2016 Shred-it Security Tracker information security survey showed that 85 percent of small business owners are aware of their legal requirements concerning confidential data, but less than half have a protocol in place that is followed by all employees. This situation has created a level of anxiety among small business owners with respect to how to best manage confidential data in all forms.

“Most small businesses don’t know where to start when it comes to information security. While many small businesses owners are aware that data breaches are legally and financially damaging, they are overwhelmed when it comes to setting rules and implementing information security protocols,” says Bruce Andrew, SVP of Shred-it, which offers secure paper shredding, document destruction and hard drive destruction services. “Ensuring that there are preventative measures in-place is the best way to combat data anxiety and protect businesses from information theft and data breaches and their consequences.”

To help manage data anxiety, Shred-it has identified five easy-to-implement solutions that all small businesses can do today to protect their customers, their reputation and their people:

  1. Implement a Shred-it All Policy
    Shred-it All policies ensure all paper documents are shredded before being recycled or disposed. The Shred-it All policy removes any uncertainty around whether documents are confidential and require shedding. This simple step is one of the easiest ways to avoid human error including mishandling of confidential documents and files. In addition, all shredded paper is recycled, adding an environmental benefit to a security solution for businesses. Overall, it leaves little to be decided around the type of information that should not be deposited in recycling bins and waste paper baskets.
  2. Encrypt All Electronic Devices  
    With an increasingly mobile workplace, people can access the information they need remotely, which means company information may be exposed to greater security vulnerabilities. Encrypting all electronic devices is an important first step in securing information. All electronic devices used by employees should be encrypted to protect confidential company information regardless of whether employees use their own devices or devices provided through the company. In the event that electronic devices are lost or stolen, encryption will protect the information stored on the device and mitigate any compromising activity.
  3. Institute a Clean-desk policy
    A clean-desk policy encourages employees to clear their desks and lock documents in a filing cabinet or storage unit when they step away from their workstation for an extended period and at the end of each work day. This includes documents, files, notes, business cards, and removable digital media like memory sticks. Unattended and untidy work stations pose a greater risk as loose information is an easy target for theft. A clean-desk policy ensures that all confidential data is locked in a secure area.  
  4. Protect Printing Stations
    Implement a ‘best practices’ standard for printing confidential information. Encourage employees and staff to not leave documents unattended at a shared printing station. To strengthen security around printing stations, consider using passwords for printing jobs.
  5. Designate a Security Ambassador
    According to the 2016 Shred-it Security Tracker 40% of small business owners report having no employee directly responsible for managing data security. While it is important to have senior management and leadership play a vital role in mitigating data breaches, engaging employees from all levels and cross-departments helps strengthen an organization’s focus and commitment on information security. 

Small business owners can take steps today to overcome data anxiety and help mitigate information security risks. In addition to these easy and cost-effective tips, businesses should consider planning and implementing a comprehensive information security protocol for the long-term.

To learn more about these solutions and for other techniques in implementing information security policies visit, Shred-its resource page here: http://www.shredit.com/en-us/blog/securing-your-information/may-2016/five-simple-information-security-tips-that-data-th