May 3, 2019 / Lindsey Weiss - Outbounding.com
Every year, there seems to be a big news story about a corporation that has been hacked and breached, or there’s an email sent from a company to its members about said breach. This scenario has become seemingly commonplace, because everything is online and susceptible to hackers. No business is too small to be exempt from this unfortunate occurrence, especially if you’re not careful and proactive.
It happens to the best of us, and it’s not always due to a sophisticated hacker cracking a vulnerable system. Sometimes, the leak comes from within, through an untrustworthy employee or a disgruntled former employee. Security and data breaches can come in the form of client data being exposed, financial records being posted, or internal communications and plans being made public. The leak could be an email that was intended for internal use only, or it could be customers’ stored credit card information. Whatever the case may be, no business owner wants to be on the receiving end of such a damaging attack.
The Sarbanes-Oxley Act (SOX) of 2002 requires that corporations follow certain standards for accounting practices and financial reporting. SOX compliance rules for archival records cover interference with records, the length of time and guidelines for storage, and the types of records that must be stored. Under this act, business records for public companies must be stored for at least five years.
Small, private businesses are still affected by SOX, especially when there’s a data breach in the IT department. SOX contains rules about how sensitive data is handled and protected. Failure to comply can lead to fines and criminal consequences. To be sure that your business is following SOX rules, develop best practices for security control to maintain compliance, and use data classification tools for handling data. Encryption of the data can also protect against unauthorized access of regulated data. Your best protection is a security solution that protects data and ensures SOX compliance.
To remain proactive and preventative against security breaches, employ a software security system that protects and encrypts your sensitive data from hackers. When it comes to data breaches within your own staff, it’s impossible to know whether something like this will happen. You can do your part to thoroughly vet and conduct background checks on all employees, but even then, who they once were won’t tell you what they might do. These tips could help you avoid an inside leak, whether due to employee negligence or a breach of trust:
• Have systems in place to ensure that employees don’t have unmonitored or unauthorized access to sensitive information.
• Assign secure authentication tokens for employees’ access to the company network.
• Invest in security software from a reputable manufacturer. Software suites made specifically for small businesses can save you money and protect your daily operation by combining anti-virus capabilities, high-risk activity blockers, and the ability to monitor all computers from afar.
• Check in regularly with your employees, and build trusting relationships to instill loyalty and prevent insider leaks.
• Once an employee leaves, be sure to change all passwords and access codes.
If a security breach does happen to your business, how you react can make or break the trust that your customers have in you. Recovery is possible, but like with any PR disaster, it all lies in how you manage it.
Try following these steps:
1. Acknowledge what has happened, and inform your customers or clients. Depending on how you typically contact customers, an email, phone call, and/or even a written letter will do.
2. Own up to the mistake and apologize. Don’t attempt to deflect blame or shirk responsibility.
3. Take steps to ensure privacy and data protections. Offer support, solutions, services, and a plan to prevent future attacks.
4. Open the lines of communication, and answer questions as honestly as possible. A breach of privacy could mean a breach of trust, but you can rebuild trust by showing that customer relationships matter.
A loyal customer base can be forgiving if they believe that your apology is sincere and you’re willing to rectify the issue. It’s up to you, as a business owner, to protect your IP and your customers’ data. Keep fraud at bay by remaining vigilant with cyber security and transparent with your community. It takes time and effort, but your business can rebound and survive a major setback if you take the right actions.
Lindsey Weiss is the co-creator of Outbounding.com, which connects your organization with the publishers and webmasters who care about your vertical.