This series on data security is commissioned by IBM. Read more about building a smarter planet on the IBM A Smarter Planet Blog.
Photo: HeyRocker via Flickr
Small business owners are starting to get wise to the fact that while they don’t have the same data-security concerns as large companies, it’s an aspect of their business that can’t be overlooked. But they face unique challenges to securing data that enterprises don’t: a budget to invest in the latest in security software and hire an IT staff dedicated to data protection. The good news is, there are a few things small businesses can do right away without spending a lot of money to keep data behind the firewall where it belongs. Here are five suggestions from the Better Business Bureau and other experts for keeping data more secure at the small-business level.
Ban the use of flash drives and other USB-based devices for use with business computers. Something as innocuous as uploading personal photos or documents from a flash drive to an office PC could bring down the whole network and expose all of its data. If you're sceptical about this, just ask the U.S. military, which recently admitted that it was a malware-infected flash drive that caused the largest data breach in the history of the Department of defence.
Prevent employees from accessing the business network on their laptops when they take them out of the office. You can't control what files employees download when they're not at the office, so why take the risk? Prevent employees who take their laptops home from accessing the business network while they're not at work. If work purposes require employees have access at home through a VPN, make sure that network is airtight and secure before letting them use it.
Know where your data is stored, how much there is of it and where the possible leaks are. A simple inventory of data and all its potential vulnerabilities could save a small business a lot of hassle down the line. This may seem like an obvious suggestion, but with lack of a seasoned IT staff to perform this task comes a lack of knowledge about exactly where data is stored and how much there is of it, as well as where the possible leaks are. Don't be in the dark about your data.
Along the same lines, take careful inventory of who has access to data. This also seems like common sense but is a task easily overlooked, especially when employees join or leave the company. Often in cases of a data breach in which a former employee is involved, that person still had access to business network even after moving on to a new company. Making sure to delete former employees' accounts and eliminate their access rights is an easy way to keep those who shouldn't be allowed into the network out of it.
Securely store customer data or destroy information that is no longer needed. Small businesses with a lot of point-of-sale transactions must take into account not only the security of their own data, but also about customer information stored on an IP-based network. Many data breaches at the small-business level expose credit-card information to would-be identity thieves. To prevent this, know who has access to business computers, including any third-party vendors or suppliers. You should also ensure that all printed copies of documents that contain full cardholder account numbers are physically secured.
NOW WATCH: Ideas videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.