Data Protection Tips For Small Businesses

Data Protection

Data Protection Tips For Small Businesses


Data protection rules affect all businesses, no matter the size or industry. Contrary to a common misconception, data breaches also affect small businesses; The 2015 Information Security Breaches Survey conducted by PWC concluded that 74 per cent of small companies were breached last year.

So, how do you protect your small business? There is no magic formula, but by following a few simple steps you can ensure that your small business is better protected from the risk.

Typically, a good first step is to understand the value of your data. Data Classification ensures you and your employees know how to handle all data in regards to its security level, and thus you minimise the chance of loss caused by human error. In addition, this enables you to efficiently encrypt all sensitive files. This is important because even if the data is stolen it will be unreadable and thus mitigates the risk.

The next important step would be to understand and control user access within your infrastructure. There are many Identity and Access Management solutions on the market, covering various areas which help achieve this. Typically, the main areas to cover are: multi-factor authentication, single sign-on and active directory auditing.

A real hot topic now is Insider Threat, both in the form of malicious users and human error. Employees and trusted contractors alike are often well placed to circumvent the controls and defences that protect sensitive data within an organisation. Their knowledge of the defensive systems, coupled with an all too frequent lethargic management mindset towards internal data security can make insiders a severe risk.

While insider theft only accounted for around 10 percent of data breaches in 2015, a Study by NetDiligence reported that insider involvement accounted for 32 percent of the claims. So it’s more important than ever for companies – both large and small – to be aware of the potential data protection risks of malicious insiders.

This covers off the basic level of security that small businesses should be implementing, however there will no doubt be plenty of other areas for consideration.

To learn more about effective data protection for your business, or for professional advice contact or call +44 (0)845 643 4063.