Security & Privacy

Data Loss: A Security Threat Your Small Business Must Not Ignore

Posted on October 12th, 2016 by

Data Loss: A Security Threat Your Small Business Must Not Ignore

Observed every October, National Cyber Security Awareness Month (NCSAM) is well under way, marking the 13th annual event. NCSAM 2016 focuses on a different cyber-security issue each week and will highlight the roles both individuals and organizations must play in promoting a safer Internet.

This week's concept of the NCSAM 2016 campaign is a continuation of last year's theme, which focuses on creating a culture of cybersecurity in the workplace. In this article, we'll dive into the issue of data loss: a security threat your small business must not ignore.

Data Loss is a Major Threat

One of the absolute best things you can do for your business Macs is to make a backup. Your business assets may include building and equipment, but what sets your company apart from others is your personnel and your data. This data includes intellectual property, marketing plans, sales data, customer lists, product specs and more. It also includes your financial records, emails, letters and faxes, and every other bit of data that lets your business operate smoothly — all of which is, in many cases, no longer saved on paper.

In a study by Help Net Security, more than half (53%) of the organizations surveyed revealed they do not conduct daily backups, while research by the PCI Council showed that 60% of small businesses that experience a major data loss go out of business within six months.

Ask yourself: What would happen to your company if, tomorrow, you lost all the computers in your offices? Would you still be able to function? Do you have backups of your data; and not just in your offices, but also in a secure, off-site location or in the cloud? How long would it take for you to get up and running again?

Data loss occurs for many reasons. A hard drive may crash, a computer may kick the bucket, or a power surge could cause damage to your hardware. Perhaps malware used by cybercriminals to glean valuable data sneaks past your defenses; or worse, your business may get snared by ransomware that encrypts or corrupts your data. There are also natural disasters: You never know when an earthquake, flood or tornado will hit.

Building a Robust Data Security Policy

You may have a plan for securing personnel in the case of an emergency, but have you planned how to protect your data if the unexpected happens?

Every business needs to back up its data. Small businesses may not have a formal backup policy; some employees may back up their data regularly and others may not. If you lose essential data, it can cost time, money and productivity to recovery it; you may not be able to recover all of it.

A robust data security policy doesn't have to be complicated. You need to make sure that every computer, and every network drive, is backed up regularly, and redundantly, but your don't need to spend a lot of money doing this; most of the process can be automated. You can installed software on your computers that backs up your data to network drives, network attached storage (NAS) devices, and even to cloud backup services. But you should always ensure two things:

  1. Your backups must be redundant. Don't trust just one hard drive or device to store your data. Make local backups and off-site backups, either to the cloud, or using hard drives that you physically move to a secure location regularly. These could be drives you move among your various offices, or that you put in a safe deposit box once a week, switching the previous week's drives.
  2. Your backups are reliable. You need to check your backup drives regularly for disk errors. Hard disks fail; it's not a matter of if they will, but when. You should regularly check your backup drives and devices to ensure that you can recover the data they contain. There's nothing worse than losing data on a computer only to find that a backup is corrupted.

Hope for the Best, Plan for the Worst

In the past, we've also covered things like weak passwords and phishing dangers, and have reported on IT confidence in the security of Macs in the workplace, because with more and more business activities taking place on Mac computers, over networks and in the cloud, businesses of all sizes can no longer ignore the threats we face — up to and including protection from data loss.

The bottom line is that just because your business is small doesn't mean you can ignore data security. As we like to say, hope for the best and plan for the worst.

Now is a better time than ever to ensure company data security policies and tools are protecting your business Macs to the same extent that Windows machines are protected. If steps are not taken to prevent data loss, small business owners could find themselves struggling with the fallout.