According to Symantec, Business Email Compromise (BEC) scams, relying on spear-phishing emails, target over 400 businesses every day, draining $3 billion over the last three years.
Businesses were the main victims of the WannaCry and Petya ransomware outbreaks, with corporate networks the ideal breeding ground for this new generation of self-propagating threats. As a business, it is your responsibility to keep your customers’ personal data private and secure.
Here are the top 5 ways your small business should be securing customer data:
Start with security
Before you make any other decisions about new processes, make sure the customer information you require and keep is necessary. It’s fine to get the email address, but do you really need their social media profile, family history, and more personal data?
Limit the access
You need to take reasonable steps to secure customer data, and this begins with limiting how many employees have access to that data. The fewer members of your team can access sensitive data, the lower the risk in case one employee’s credentials are compromised.
Use secure passwords
Make sure that all employees who can access sensitive customer data have strong passwords. They should be unique, complex, and stored securely. Having a uniform account policy and using reliable password manager software throughout the company is recommended.
Encrypt you data
It is important to use encryption for storing and transmitting sensitive data. SMBs can get powerful protection with a VPN such as NordVPN, which establishes an encrypted connection, reroutes the Internet traffic through a remote server and hides the user’s identity.
Be cautious with remote access
Data breaches are largely initiated via remote access providing user access to a network without them having to physically be at work. Instead of opening a lot of entry points, each being a possible security hole, you can use a VPN that acts as a single entry point.