Home Blog Protecting your business

Protecting your business

The recent Facebook scandal demonstrates how serious data security breaches can be, but they aren’t limited to large organisations. Is your business data secure?

Simply sending a file to the wrong person or leaving your phone in a taxi can set off a data security breach. With a little planning however, you can prevent or mitigate your risks.

Your legal responsibilities

Australian laws protect the privacy of individuals. The Australian Government introduced the Notifiable Data Breaches (NDB) scheme in early 2018. The NDB requires some businesses to notify any individual who may have had their information compromised by a serious data breach. If you don’t comply you may face fines of up to $360,000 for individuals and $1.8 million for businesses.

While only serious data breaches fall within the NDB scheme, you may still be adversely affected by a data security breach.

The risks are high

Cyber-attacks, including scams and incursions by hackers, are often associated with data security breaches. 43% of cyber-attacks target small businesses and 60% of those companies go out of business within 6 months of the attack.(i) While cyber-attacks are serious, other risks like human error, power failure or even natural disaster can also compromise your data.

A data security breach may damage your business’ reputation or lose customers. It may disrupt your business for a significant period of time or result in financial loss that could be devastating. You may even lose valuable information that you need to run your operations.

Protect your data

The first step in protecting your information is to prioritise what data you actually need to secure. Your business may collect a lot of information, so secure data that is most susceptible to hackers or could do the most damage if it gets into the wrong hands first – like customer information and company financials.

Once you’ve identified what to secure, you can put in place these best practices: (ii)

Policies and procedures: Create guidelines and processes that everyone in your company can access. These should cover most situations – from hackers to employees accidentally losing information. Your policies and procedures should outline how to keep data secure, how to identify if there’s been a security breach, and how to respond to a breach.

Assign responsibility: Data security is everyone’s responsibility, but it’s also important to have an area or individual who is accountable for making sure your policies and procedures are in place and followed.

Test and check: Your policies and procedures should be tested regularly to make sure they’re followed and actually address the risks they’re designed to.

Leverage technology

Technology plays an important role in data security. There are several types of technology that you can use or may already have in place, that can help secure your business data:

Antivirus and malware: Most businesses have some type of malware software, but it’s only effective if it’s kept up to date. Adding firewalls can also boost your networks’ security.

Encryption: Encryption software makes sure no one can use your data even if it’s compromised. This can be used with databases, servers, backups, and all hardware and devices.

Audit trails and logs: If you have a security breach you’ll need to identify what happened and when. Audit trails and logs can help you do this. While some software has its own audit log, you may need additional software to record some transactions.

Cloud security: Many businesses use cloud-based software, but due to their nature of being able to be ‘accessed anywhere’ it is important that security and password policies are put in place. Cloud workload protection platforms and cloud access security brokers can protect your information in the cloud.

Remote browsers: Internet browsers are the most common source of attack. Remote browser technology isolates an internet browser session so it can’t affect other parts of your network.

Endpoint detection and response: By 2020, Gartner estimates 25% of medium-sized and 10% of small business will have endpoint detection and response technology. This monitors unusual behaviour and can prevent an attack from happening.(iii)

As the amount of data we collect grows, it’s more important than ever to keep your business data secure. It can be a complex area though, so seek out expert advice if you need.

 

(i) http://www.qcsgroup.com.au/cyber-security-statistics/

(ii) https://www.oaic.gov.au/agencies-and-organisations/guides/guide-to-securing-personal-information

(iii) https://www.gartner.com/newsroom/id/3744917

Print Friendly, PDF & Email

Oliver Holcombe

About the author

Oliver Holcombe joined the BMO team in 2012 after graduating from Our Lady of the Southern Cross College. He has enjoyed gaining strong practical experience by working full-time as an Assistant Accountant and now Accountant since completing his Bachelor of Commerce at USQ in 2017. Throughout his schooling years, Oliver achieved outstanding results and finished Grade 12 at the top of his class READ MORE


Related posts

Start afresh in the New Year

It’s the new financial year! While it’s possibly only bankers and Read on...

Tax relief for start-ups

To encourage innovation and new small businesses, the government Read on...

Fire up your small business in 2018

The holidays are upon us and with a bit of luck you will be able to Read on...

Do you know where you’re going?

There is a real temptation for small businesses to skip the whole Read on...