How you can prevent a Sony hack in your small business
Facing a security breach in your small business can be a daunting task to contain. Sidnee Peck, Director for the Center for Entrepreneurship, provides helpful tips to prevent this from occurring.
By Sidnee Peck | Director, Center for Entrepreneurship
With the recent Sony hack adding to the long list of business security breaches, how I can protect data in my small business in an affordable and realistic way?
You are right to have cause for concern in the area of data protection. We have recently seen a dramatic change in the way we do business and store data online and in the cloud. As a result, we have new risks for which to plan.
In the news, we see large corporations as the main targets for hacking. However, any individual or business should be thoughtful with the management and storage of data, as well as risk-mitigation planning. I wanted to offer some solid advice on this, so I asked a member of our advisory board at the W. P. Carey School of Business’ Center for Entrepreneurship about the issue.
Joseph Loomis is the founder and chief executive officer of CyberSponse, which developed a centralized system for managing, monitoring, reporting and analyzing an organization’s IT security infrastructure and processes. He provides the following tips:
Invest time in employee training.
Focus training time on the best ways to create, store, manage and back up data. Also talk about how to recognize and avoid email scams, especially focusing on phishing scams and how they work to get your data. Set up regular training and education sessions with your employees to keep everyone knowledgeable about the latest security risks and recommended practices to help demonstrate that security is a priority.
Perform in-house case study exercises.
Use some examples of real data breaches to help your employees understand how they occurred. This can highlight common mistakes individuals may unknowingly make. Providing the opportunity to see how employee actions can impact data security may lead your staff to understand their important roles in company security.
Be smart with passwords.
Employees may not realize that poorly selected passwords can affect the entire company. Give your teams a tool to help them select better passwords; consider free password tools, such as lastpass.com.
Take some time to create policies for data protection.
If your company does not yet have policies in place, then this is a great first step to use to heighten everyone’s awareness and create a reference point for actions to take when any risk or breach occurs.
Eliminate social media.
While this one won’t be very popular with your employees, eliminating the personal use of social media websites on corporate networks can boost your security.
Invest in background checks.
Hiring is one of the most important activities any company performs, and making the upfront investment in background checks on all employees (in addition to making sure they are a smart fit for your organization’s culture) is worthwhile for your company’s security and success.
If you’ve never really addressed security in your company, then trying a couple of these tips is a great way to start. Maybe add a new element every quarter to continue to increase the security of your data and arm yourself against the costly impact of a data breach.
First published in The Arizona Republic, December 23, 2014.
Latest news
- Lab lessons: Roadcase.com VP shares how ASU's SMB Lab fueled growth and efficiency
The Arizona-based audio/visual equipment case manufacturer gets expert guidance on improving…
- ASU MBA ranked No. 1 in the US for entrepreneurship
Poets & Quants ranked the W. P.
- More people are relying on their personal brands to help them in the job market
An ASU marketing expert discusses the importance of authenticity and storytelling when building…