Is the data at your dry cleaners secure?
It better be.
Cybercrime is on the rise.
And it doesn’t look like it’s slowing down anytime soon.
Think you’re too small to get attacked. Think again. Hackers target small and medium-size businesses because they believe their security is lax.
In fact, 90 percent of data breaches impact small business, says a recent report from Trustwave®, a cybersecurity consultancy. And it can cost you a lot more than you think.
The cost of a data breach for a small business merchants, for example, averages $36,000 and can reach or exceed $50,000. Your actual out of pocket costs will be higher. Guaranteed.
Additional costs for a cyberattack can include things like:
- Customer notification
- Credit monitoring for affected customers
- PCI compliance fines
- Liability for fraud charges
- Upgrade or replacement of POS system
- Reassessment for PCI compliance
- Card replacement costs
Of course, the cost of a data breach is different for each company. But we think you get the picture. So if you own or manage a dry cleaning business, your sensitive data needs to be secure.
One way to boost security is to follow industry best practices for small and medium-size businesses like those below. They’re proven, practical, and productive cyber security tips:
- Use a firewall — A firewall is your first line of defense. In fact, the United States Federal Communications Commission highly recommends it. A firewall is an added layer of protection from hackers looking to make a quick strike. Some companies are also installing internal firewalls as an additional countermeasure. If you have remote employees that work from home, they should have a firewall as well. Encourage their compliance by providing firewall software and support.
- Develop a BYOD policy — Nearly 60 percent of today’s businesses allow BYOD, says TechPro Research. With interest in IoT and wearable technology growing, the need to have a written BYOD policy that focuses on security precautions is a must. You should also recommend to employees that they set up automatic security updates on their devices and require them to apply your password policy to all mobile devices.
- Strengthen your authentication process — Many companies are lax in this area. Passwords don’t always work, so consider multi-factor authentication. A proven safeguard, multi-factor authentication supports your password with either a knowledge-based, possession-based, or inherence-based requirement. Having a physical key for a smartphone is a good example. Multi-factor authentication is a potent countermeasure.
- Boost weak defenses through automation — Another proven security approach, automatic security makes credentials more dynamic and harder to access. The secret with this countermeasure is that users don’t know their passwords until the last minute, eliminating the risk of them knowingly or unknowingly giving passwords away. Look for a system that supports password change automation and Privileged Identity Management (PIM), which is the monitoring and protecting of superuser accounts in an organization. PIM is well-suited for meeting compliance issues and stopping internal breaches.
- Install anti-malware software — A no-brainer, right? But you’d be surprised how many dry cleaning businesses don’t do it. Anti-malware protects you against phishing attacks,a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. With phishing attacks on the rise since 2015, it’s more critical than ever that you install anti-malware software on all devices and networks.
- Secure network endpoints — If you have a network of any kind, you need to secure its endpoints. It’s a network’s most vulnerable area. Endpoints “holes” are created in the network security perimeter to let internal and external users access resources, so they’re vulnerable to attack. Advanced endpoint protection strengthens the system’s ability to defend itself. Using a risk and resilience (RMM) system to automate the effort makes things more manageable.
- Educate employees — Workers are the weakest link in the security chain. They don’t always safeguard their passwords and resources, leaving you open to attack—no matter how tight the system. User education crushes cyber-crime. But workers need to remember educating workers for them to work, so how you present this information is nearly as critical as the information itself. Make presentations clear, memorable, and inspirational. In other words, do the topic justice.
These practices are easy to implement and cost a lot less than what a data breach will. If you’re a small or medium-size business, these practices provide a good start toward a potent security program. And since no system is fail-safe, it wouldn’t hurt to implement additional best practices as soon as you can.
Hackers can breach any security system with enough time and motive. It’s not if a hacker will attack you these days, it’s when. So your data better be secure. Even a minor breach can cost you thousands and hand you a legal, financial, and public relations nightmare that can shut you down. No one wants that. Follow these cyber security tips and continue to update and educate yourself on the new best practices.