How to Fix Common Data Security Mistakes

How to Fix Common Data Security Mistakes

  • By Jerry Hsieh
  • Jun 02, 2022

Your favorite bagel shop may have an amazing selection of sesame, garlic, parmesan, and blueberry bagels, friendly customer service, and that quirky vibe that you love. But it may not have the much-needed security in place to protect them and you against cybercrime. The damaging effects of cyber threats like malware, phishing, and ransomware on a small business can put sensitive and personal data of employees and customers at risk — not to mention vendors and everyone in the supply chain.

In fact, 60% of small companies go out of business within six months of falling victim to a data breach or cyberattack. Small to medium-sized businesses (SMBs) face the same type of cyberattacks as their larger counterparts but are more vulnerable because they often lack a robust cybersecurity infrastructure, internal security support, and technology know-how. The evolution of the digital landscape and the effects of the pandemic have unfortunately made smaller organizations the perfect target for cyber criminals. And it’s a big problem — according to the Small Business Administration, there are 32.5 million small businesses with less than 500 employees in the U.S.

A hole in a bagel is acceptable, but a security hole could be a recipe for disaster. Considering how much data a small business has that could potentially be compromised — financial information, customers’ credit or debit card numbers, personal identification numbers, passwords, or customers’ personal information (name, address) from loyalty programs — it might be time to shore up security efforts.

Eight Common Data Security Mistakes and How to Fix Them

Fortunately, common data security mistakes are easily remedied without adding headcount or much cost:

1. Treating all data equally. Often, businesses don’t know what to protect. Understanding the value of different types of data will help with a corresponding data security strategy. Once you determine your most sensitive data, encrypt it — this makes it unreadable if compromised. Many small businesses look to full-disk encryption obtained through built-in programs or third parties.

2. Setting up Wi-Fi yourself. Offering secure, reliable Wi-FI for customers can help you with repeat customers and Yelp reviews. But a poorly configured Wi-FI could provide an opening for cyber thieves. Look to experts to help you strategically plan, configure, and install the right equipment.

3. Misconfiguring a Virtual Private Network (VPN). Similarly, consult experts to help with your VPN. Traditional VPNs do not have adequate control over who or what device can connect to the network. It is often exploited because there is no standard way to set it up, operate, or distribute access. Organizations may want to look to an expert to ensure the access channel is secured to protect data and confidentiality.

4. Trying to handle security yourself. With limited people and budget, consider outsourcing security to service providers with the specialized knowledge to properly configure and keep your systems and applications safe. A trusted and experienced third party can manage this for you so that you won’t overlook some of the key security features.

5. Not prioritizing employee security training. Humans are the weakest link in cybersecurity. Most compromises are caused by a simple error such as an employee clicking on a harmful link. Training employees on good security practices, such as two-factor authentication, will go a long way to greatly reduce cyber threat risks.

6. Relying on old technology. Many companies rely on outdated, legacy systems to save costs. Legacy applications rely on older, more limited frameworks, software libraries, and operating systems, presenting more security issues. Modern applications are better integrated with newer frameworks and platforms and have built-in security features to reduce the chance of data compromise.

7. Skipping data backup. Many businesses, large and small, often overlook this critical step. A frequent backup strategy is essential, especially to protect financial data, intellectual property, source code, and email. A good plan is to start backing up your mission critical data first.

8. Forgetting software patches. Don’t leave your organization and employees vulnerable when security updates and patches are readily available for everything from operating systems to applications to devices.

Most companies don’t need a complete security overhaul. A few measured, practical steps can make a big difference in helping small businesses protect their data, systems, reputations, and livelihoods. While your favorite bagel shop may have already perfected the chewy bagel, a few adjustments to security practices may be on the menu.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

Most   Popular

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.