Being a small, rather unknown entity in the large world of business doesn't protect startups and small businesses from data breaches.
In fact, these companies have become prime targets for criminals because of their perceived inability to defend against a hacking attempt or physical threat. Come this new year, it's time for your business to take a stand.
Breaking down the statistics
Here are a couple of figures found by Nationwide Insurance that will startle any small business or startup owner:
- Nearly four out of every five small companies don't have any information security plan in place.
- Over three in every five have been a victim of a data breach in the last two years.
- Almost one in every three attacks is the result of a physical threat or unauthorized access.
You don't have to be a betting man or woman to see that the chances a company with less than 500 employees will suffer a data breach are high. It's no longer a matter of "if," but instead "when." The aftereffects of losing valuable employee or consumer information can be detrimental to the financial wellbeing of a young enterprise, as well.
Property Casualty 360 reported the expense attributed to notification could potentially tank a business alone. That's not counting litigation fees, noncompliance fines, the cost to revamp company cybersecurity standards or fiscal remediation for affected parties.
Now, of course stopping a data breach can be difficult—but there are certainly avenues that can be shut down before hackers have a chance to exploit them.
Physical theft easy to avoid
Perhaps the most preventable crime when it comes to a data breach is physical theft. According to research by Kensington, one company laptop is stolen every 53 seconds. But that's not the most expensive part of the robbing—the source estimated 80 percent of the cost to reimburse it is directly attributed to a data breach. Furthermore, 1 in every 2 devices are taken in plain sight from the office.
"Physical threats are the easiest to prevent."
How dangerous can one laptop in the wrong hands be? According to PCWorld, Hartford Hospital was once levied a $90,000 noncompliance fine because a laptop containing information on 9,000 patients was stolen from an EMC employee's home. That cost is just the entry fee—as mentioned before, the expenses go far beyond paying the courts.
You'd think preventing physical theft would be a staple in every small business' and startups' cybersecurity plan, but far too often it doesn't even cross the IT department. That's because, understandably, everyone is far more worried about malware and viruses that make the six o'clock news day after day. But in all honesty, it's far easier, and more simple, to steal a laptop or hard disk drive than it is to break into a database.
Sometimes a data breach is the result of an active crime, but it can also be the product of absent-mindedness. Many new startups begin their venture on older electronics and computers, then quickly throw them away as soon as they have the money to replace them with newer devices. The end result? A pile of discarded technology that holds a ton of valuable company information. Crushing or smashing these electronics won't do much to prevent physical theft either, as the information is magnetically stored on the hard disk drive, making it vulnerable to any hacker with a diploma.
Putting your foot down
It's time that small businesses and startups place a higher importance on protecting internal and external data. While cybersecurity is an animal in its own, physical theft is an incredibly easy crime to prevent, and one that should be accounted for on day one.
Instead of shipping off your company's old electronics to a third-party service that will wipe and dispose of them for you, take the power back by degaussing the equipment in-house. Degaussers completely demagnetize the hard disk drive, allowing the IT department to safely and securely crush the devices and then throw away the pieces.
One wrong business decision can send a startup or small business spiraling into nonexistence—but information security shouldn't be one of those mistakes. Small businesses have an opportunity to close the door on potential physical threats by degaussing their old equipment and securely disposing of it.