What Small Businesses Can Learn From The Equifax Data Breach
Data security was thrust back into broader public consciousness over the last month as details on the record-breaking Equifax data breach continued to emerge. The credit monitoring company now estimates at least 145 million Americans may have had their personal and financial data stolen from the company’s system by hackers, potentially giving them access to credit reports, Social Security numbers, home addresses and much more. Access to this type of information in the wrong hands can create havoc on personal credit profiles and lead to bad credit ratings for many individuals.
But the scale of what is now the biggest known instance of digital theft ever is not the only thing that has consumers, business groups and lawmakers outraged. Many have also been sharply critical of the response – Equifax continues to avoid or be very slow to address basic questions regarding its plans to protect consumer data going forward, while leaders from the rest of the credit monitoring industry have done little to inspire confidence in their own data security measures.
Equifax is a massive company that was hit with a hack of incredible scope, but that doesn’t mean cybercriminals don’t bother with small businesses. In fact, it’s this category of organization that often makes the easiest targets for data thieves. With that in mind, small business owners need to take steps toward protecting their data and earning the trust of their customers and employees.
Data security basics for businesses
The first and most basic step any business should take is establishing a thorough, robust plan for data security. Fortunately, that means following best practices that most are already fairly familiar with:
1. Use strong, unique passwords for every online account linked to your business. The most secure passwords are at least eight characters in length and contain a mixture of uppercase and lowercase letters, numbers and symbols. Using a different password for every online account is the most secure practice. Consider a password manager tool that can securely store all your login credentials in one place for easier use.
2. Make data security a priority for employees, too. They should not only follow password best practices, but also look out for suspicious emails and understand the importance of protecting confidential business and consumer data.
3. Get familiar with the technology used throughout your business. Use strong passwords on wireless routers and other devices. Keep all computers and mobile devices running on the most recent software updates, and download a reputable antivirus program to stay a step ahead of most cybercriminals.
Crafting a response plan
These basic measures can help thwart all but the most determined hackers, but implementing them doesn’t completely erase your risk of being hit by a data breach. Every business should also have preparations in place to mitigate the damage if a breach does occur. That may include changing passwords and temporarily disabling devices, but it must also address the response to your customers and clients. As soon as you understand the scope of the situation and have taken the first steps to address it, inform everyone affected by the breach with a prompt, honest statement. While it might not please everyone, we now know from the Equifax breach and many others that it goes a long way toward salvaging business relationships.
Small businesses can’t afford to expose themselves to greater risk of a cyberattack. If you’re due for a security update and need funds to purchase software or hire an IT professional, QuickBridge can help.