Stop using the same password. Insist to your staff that all passwords be unique for each user and for your workplace. This means the passwords that they use for your business cannot be even close to the ones they use for their banking, social media, or shopping on line. When you are prompted for a password change, really think about what goes into a hacker-proof password.
Go on a shredding spree. Is there client data in the trash can? Data is often taken from small business trash bins and sold or published. It is not just good practice to shred sensitive documents...it's the law! Be sure to use your shredder or hire the services of a shredding company.
Ditch the accounting spreadsheets. Do you still use Excel spreadsheets for your business numbers? If so, you are opening your business to risk and making your accountant crazy! Spreadsheets are not designed to protect your finances or those of your clients. It is time to upgrade to a proper accounting system with customer data protection and guaranteed security.
Train staff explicitly. Not everyone knows everything. What you think someone knows-they may not! Be sure to hold bi-yearly data safety training classes for your staff. Don't forget to add this training to your new staff orientation as well.
Limit access to data. Limit who can access your data. Remove employee access as soon as they leave your company. Have rules for who can access what data and when. Do all your employees need sensitive data when they are working from home? Does everyone need to be able to change files or do they only need to view them?
Keep your software updated. If you have outdated software you are putting yourself at risk for cyber-criminals. These people know to look for weaknesses in business software. I know that pop-ups and reminders to update may be frustrating but they are actually helping your business...as long as you do the updates! Updated software provides protection against new viruses and shuts off any weaknesses.
If you would like to make sure your business is secure from data breaches, give us a call at 937-660-4899.