Data Breaches: What Business Owners and Shoppers Need to Know
By Lindsey Weiss
Do you think about what happens to your data
when you swipe your card at a coffee shop or enter your credit card number
online? Or, if you’re a business owner, do you have a plan for protecting
customer data, or assume you’re too small to be targeted by a data breach?
With cybercriminals expected to steal 33
billion records by 2023, data protection is something everyone should think
about. Unfortunately, most of us don’t consider the security of our data until
we’re affected by identity theft, ransomware, or another type of breach.
Whether you’re a business owner or a consumer, here’s what you need to know
about keeping your data safe.
Data Breaches and
the Small Business Owner
Data breaches cost
businesses an average of $225 per stolen record. That doesn’t sound like
much — until you consider that the average data breach involves thousands of
Protecting customer data is good for a small
business’s bottom line and its reputation, but despite the risks, small
businesses aren’t doing enough to prevent data breaches: One in three small
businesses haven’t taken any steps to stop a breach.
Even on a budget, business owners can
cybersecurity measures including:
- Securing WiFi networks.
- Installing firewall, antivirus, and
- Updating software on schedule.
- Using PCI-DSS
compliant payment systems.
- Enforcing password policies and using
- Wiping non-essential customer data.
- Protecting devices from theft or loss.
- Screening employees and contractors carefully
to prevent insider
- Educating employees on phishing scams.
- Routinely backing up data.
Business owners also need to stay compliant
with various state and federal privacy laws. All states have data breach notification
laws that require business owners to notify authorities and customers in
the event of a data breach. Some industries, including healthcare,
have specific data protection laws that companies must follow. If you’re not
sure about the laws that are specific to your industry, contact a lawyer.
When a breach does happen, the most important
thing to do is contact tech support right away. These professionals will work
quickly to recover your lost data and identify the source of the breach,
whether it’s a phishing scam or other form of attack. If you don’t have
in-house tech support, find qualified freelancers by searching through IT staffing agencies. By
addressing the problem right away and hiring a company that specializes in
recovering data, your business’s productivity won’t suffer greatly.
After identifying and containing the breach,
the next step for small business owners is notifying customers. How you inform
customers their data was exposed has a big impact on the future of your
business, so don’t act hastily. Instead, work with a PR team to draft a message
to customers, beef up your customer support staff, and consider offering a year
of credit monitoring services to customers affected by the breach.
Data Breaches and
Customers also have a role to play in
protecting their data from cybercrime. In addition to using strong passwords
and never using the same password twice, customers can protect their data while
shopping online by only purchasing from sites with secure check-outs. To know
if a website is secure, look for “https” (not “http”) in the URL and a lock
icon in the address bar.
Shoppers should also avoid using debit cards
when shopping, opting for credit cards instead, and avoid saving payment
information for autofill. Credit
cards offer greater consumer protection than debit cards and don’t put your
bank account at risk.
Since businesses may fail to notice a data
breach for months
— if they discover it at all — consumers should also get into the habit of
reviewing their credit report for any signs of fraudulent activity. Consumers
are entitled to one free
copy of their credit report from each of the three major credit reporting
companies every year.
Cybercrime seems like a distant concern when
you’re busy balancing your small business’s books or just living life. However,
with an increasing number of small businesses getting hit by data breaches, you
can’t afford to make cybersecurity an afterthought. Whether you own a small
business or just shop at one, make sure you’re taking the right steps to
protect your data.