With recent headlines focusing on data breaches at big-box retailers such as Home Depot and Target, you may think hackers are only after large-scale businesses. But that’s what scammers want you to think — because then you won’t see them coming.
“Small businesses have become the low-hanging fruit for hackers,” said Melanie Wyne, NAR’s senior policy representative on technology issues, during Friday’s Risk Management Forum.
She cited several reasons small business owners should have a data security policy.
- Financial harm. If you have to notify clients of a data breach, you could instantly lose a swath of your customer base. A large corporation like Target can weather such a backlash. You can’t.
- Legal risk. Many states uphold customers’ rights to file class-action lawsuits against businesses that don’t protect their data. Attorneys general can file lawsuits for the same reason.
- Reputational ruin. Millennials are savvy about the risks of living a digital life, and they want to work with pros who make that a priority. If you don’t, you could close yourself off to a large share of potential clients.
“Big data would have you believe privacy is dead, but it’s not,” said Darity Wesley, an attorney with Lotus Law Center in La Mesa, Calif.
A data security program starts with first making sure paper files in your office are secure. Then it moves online. Here are some things to keep in mind:
- If you write down passwords, keep them on you. Don’t leave a Post-It note with your password stuck to the back of your keyboard.
- Get your head out of the cloud. Consider storing your most sensitive data on your own server rather than in the cloud, which comprises remote servers that you have no control over.
- Put extra encryption protection on your e-mail accounts. Even big email providers like AOL, Gmail, and Hotmail are vulnerable to hackers.