How to Fix Common Data Security Mistakes -- Security Today

How to Fix Common Data Security Mistakes

By Jerry Hsieh
Jun 02, 2022

Your favorite bagel shop may have an amazing selection of sesame, garlic, parmesan, and blueberry bagels, friendly customer service, and that quirky vibe that you love. But it may not have the much-needed security in place to protect them and you against cybercrime. The damaging effects of cyber threats like malware, phishing, and ransomware on a small business can put sensitive and personal data of employees and customers at risk — not to mention vendors and everyone in the supply chain.

In fact, 60% of small companies go out of business within six months of falling victim to a data breach or cyberattack. Small to medium-sized businesses (SMBs) face the same type of cyberattacks as their larger counterparts but are more vulnerable because they often lack a robust cybersecurity infrastructure, internal security support, and technology know-how. The evolution of the digital landscape and the effects of the pandemic have unfortunately made smaller organizations the perfect target for cyber criminals. And it’s a big problem — according to the Small Business Administration, there are 32.5 million small businesses with less than 500 employees in the U.S.

A hole in a bagel is acceptable, but a security hole could be a recipe for disaster. Considering how much data a small business has that could potentially be compromised — financial information, customers’ credit or debit card numbers, personal identification numbers, passwords, or customers’ personal information (name, address) from loyalty programs — it might be time to shore up security efforts.

Eight Common Data Security Mistakes and How to Fix Them

Fortunately, common data security mistakes are easily remedied without adding headcount or much cost:

1. Treating all data equally. Often, businesses don’t know what to protect. Understanding the value of different types of data will help with a corresponding data security strategy. Once you determine your most sensitive data, encrypt it — this makes it unreadable if compromised. Many small businesses look to full-disk encryption obtained through built-in programs or third parties.

2. Setting up Wi-Fi yourself. Offering secure, reliable Wi-FI for customers can help you with repeat customers and Yelp reviews. But a poorly configured Wi-FI could provide an opening for cyber thieves. Look to experts to help you strategically plan, configure, and install the right equipment.

3. Misconfiguring a Virtual Private Network (VPN). Similarly, consult experts to help with your VPN. Traditional VPNs do not have adequate control over who or what device can connect to the network. It is often exploited because there is no standard way to set it up, operate, or distribute access. Organizations may want to look to an expert to ensure the access channel is secured to protect data and confidentiality.

4. Trying to handle security yourself. With limited people and budget, consider outsourcing security to service providers with the specialized knowledge to properly configure and keep your systems and applications safe. A trusted and experienced third party can manage this for you so that you won’t overlook some of the key security features.

5. Not prioritizing employee security training. Humans are the weakest link in cybersecurity. Most compromises are caused by a simple error such as an employee clicking on a harmful link. Training employees on good security practices, such as two-factor authentication, will go a long way to greatly reduce cyber threat risks.

6. Relying on old technology. Many companies rely on outdated, legacy systems to save costs. Legacy applications rely on older, more limited frameworks, software libraries, and operating systems, presenting more security issues. Modern applications are better integrated with newer frameworks and platforms and have built-in security features to reduce the chance of data compromise.

7. Skipping data backup. Many businesses, large and small, often overlook this critical step. A frequent backup strategy is essential, especially to protect financial data, intellectual property, source code, and email. A good plan is to start backing up your mission critical data first.

8. Forgetting software patches. Don’t leave your organization and employees vulnerable when security updates and patches are readily available for everything from operating systems to applications to devices.

Most companies don’t need a complete security overhaul. A few measured, practical steps can make a big difference in helping small businesses protect their data, systems, reputations, and livelihoods. While your favorite bagel shop may have already perfected the chewy bagel, a few adjustments to security practices may be on the menu.

HID Signs Agreement to Acquire Calmell Group
07/10/2025
HID and ASSA ABLOY Recognized with Renowned Red Dot Award for Innovative Biometric eGate Design
07/09/2025
Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025

Featured

Sustainable Video Solution Delivered for Landmark City of London Office Development

An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now
- Facility Security
DHS to End ‘Shoes-Off’ Travel Policy

Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now
- Airport Security
AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance
Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now
- Government

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.