Security is a huge issue these days. From computer hacks to security breaches, businesses need to keep customer information private and secure at all times. Without a security process in place, you run the risk of losing everything you have worked so hard to build.
So, that begs the question: What security measures is your business taking to protect your customer’s privacy that may be overlooked by others? Here are 15 suggested places to start.
A. Update All Software
As a provider of infrastructure hosting for small businesses, I’ve seen untold numbers of privacy breaches that could have been avoided if the victim was running the most recent version of the targeted software. It’s easy to neglect updates, but they often include patches for security vulnerabilities. Not updating software leaves businesses open to ransomware attacks, malware infections and data theft. - Vik Patel, Future Hosting
A. Sign Non-Disclosures
Especially when it comes to intellectual property, we always suggest getting a non-disclosure agreement signed. It's not fool-proof because there could be breaches of contract, but it is still a binding agreement. I run a design consultancy so NDAs are great ice breakers, allowing clients to trust us from the start. - Andrew Namminga, Andesign
A. Hire an Outside Consultant
It's great to get an outsider to review your current practices because they'll see things with a fresh set of eyes. The problem with your team members who manage customer data is that they overlook their own mistakes, which is why they made them in the first place. Get a third party to review because they'll spot security issues that may be missed internally. - Andy Karuza, FenSens
A. Consider Legal Obligations
Under most presidential administrations, legal compliance can feel boring. Right now, though, it can be hard to guess what compliance will look like even a year out on issues like health insurance. As you're setting new privacy policies and choosing how to secure data, you need to consider what legal obligations you may need to comply with, as well as which you may not be willing or able to meet. - Thursday Bram, The Responsible Communication Style Guide
A. Use Multiple Pay Plugins
Google Wallet, PayPal and other third party hosts both reduce churn rates and also are more secure. A disclaimer of how the customer's email will be shared upon sign-up is also requisite. I do not share my lists and like my clients to feel secure in their purchase and to continue to be patrons, so these safeguards are of the utmost importance. - Matthew Capala, Search Decoder
A. Get Team Buy-in and Cooperation
Small business owners must help their team understand their everyday roles in protecting customer privacy. They need to adopt best practices in not sharing logins/passwords (e.g., don't Slack login credentials intra-team). They should also know the procedure to follow in case of a data breach or a device or account being compromised, so that everyone's responsibility and accountability are clear. - Cooper Harris, Klickly
A. Maintain a Secure Database
Taking every precaution to ensure that my company’s database is fully secure is key. It’s my job to ensure that it is not compromised. Maintaining an up-to-date firewall and changing passcodes periodically is key to securing client and employee information. - Patrick Barnhill, Specialist ID, Inc.
A. Use Web Crawler Protection
Web crawlers can be used to scan and obtain any unprotected data hosted on your websites. Using this technology, hackers and identity thieves can obtain personal information from your customers, including email addresses and even physical addresses. Some methods a small business can use to protect this information from web crawlers is to obfuscate personal info with code or block suspicious IPs. - Bryce Welker, Beat The CPA
A. Get Credit Card Encryption Software
To ensure credit card numbers are not stolen, install an encryption software. This encryption will change the credit card number to a false one for maximum security. Make sure the encryption software has a strong password so your customers are fully protected. - Jared Atchison, WPForms
A. Run Employee Background and Drug Tests
One thing we do with every employee is run them through the background and drug test. This method is not going to completely protect all customers, but the one time I did let a technician not go through the background, he ran a customer's credit card on his iPhone for $5,000. Research on employees pays off, period. - Tommy Mello, A1 Garage Door Repair
A. Force People to Use Strong Passwords
Too many businesses let customers use or choose any password they want. However, this often leaves them vulnerable to being hacked if they choose to use a weak password that is easily guessed. You can use software or hire a developer to force people to create and use passwords that meet certain minimum strength standards so it is much more difficult to have their private information exposed. - Justin Faerman, Conscious Lifestyle Magazine
A. Purge Data
My company specializes in serving clients who have been the victims of cyber attacks and hacks. Our work shows how commonplace hacks are and that no one is safe from cyber attacks. Many small companies make the mistake of holding onto customer information and data. Purging all of this information is critical in mitigating any attack and protecting your customers' privacy. - Jennifer Mellon, Trustify
A. Switch to the Cloud
Migrating all of your company data into the cloud is safer than keeping it in a server room where anyone with a key can access your files. By operating your business via cloud services, you’ll be able to better secure your company’s business, employee and client information. - Derek Broman, Discount Enterprises LLC deguns.net
A. Ensure PCI Compliance
If you accept credit card payments, make sure you're PCI compliant. To be compliant, you'll need to follow a list of best practices that help ensure the safety of your customers' information. From encryption to employee procedures, PCI compliance covers a variety of topics and must be maintained to ensure safety. Once compliant, advertise it in the footer of your website and during checkout. - Kyle Goguen, Pawstruck
These answers are provided by the Young Entrepreneur Council (YEC), an invite-only organization comprised of the world's most promising young entrepreneurs. In partnership with Citi, YEC recently launched BusinessCollective, a free virtual mentorship program that helps millions of entrepreneurs start and grow businesses.