In this episode of the Innovation in Compliance Podcast, Tom Fox has a discussion about data security for smaller companies with the president of Choose Networks: Chris Hoose.
Choose Networks is described on its website as Chris Hoose’s youngest child – and that’s something many entrepreneurs can relate to. The idea of family, however, is very important to the culture of Choose Networks. Maintaining that kind of family culture, where you have friends at work, and even in terms of how you think about your clients and vendors is a major priority for Chris – and a key element in how they provide a consistent product to their client. This matters because they really serve as an extension of their clients’ staff – the IT department.
Small Businesses are Tempting
The biggest reason hacking is an issue for small companies is that they often have access to the databases of much bigger companies. A small business can be a tempting target for a hacker, who thinks of them as an easy way into a much bigger organization.
Small companies can demonstrate that their systems are secure, and in compliance with all relevant regulations to communicate to large clients that they’re on top of and careful about, security. The technical requirements are the easy part – more difficult is behavior, and making sure that teams are adhering to policy.
Passwords are Still Key
It’s important to be careful with your passwords – believe it or not, many people still have to be told not to write them down and stick them to your monitor! Adding 2-factor authentication methods takes security one step further, and can be valuable for organizations who have access to sensitive information. Still – the number one thing to do to prevent cyber threats is to educate their employees about how to be mindful.
Storing Information on the Cloud
Cloud storage is everywhere – and it’s great in terms of ease of access, but relying on someone else to protect your data can be risky. On the other hand, they’re often much better at protecting things than you are. Choosing the right provider is important: you don’t want to trade security for convenience.
Have you Updated Your OS?
Vulnerabilities in operating systems are one of the most common ways for hackers to gain access to sensitive information. Since companies don’t know what the vulnerabilities are when they release an OS, they release security patches as they are discovered. At a certain point, the creators of Operating Systems have to stop producing security patches for their software – and when that happens, it’s open season. Update your OS on a regular basis – and upgrade it when it’s getting too old to protect.
When you’re dealing with teams that work remotely, your cloud provider is the most important data security consideration – and another major one is who owns the hardware your team uses. If your employees use their own equipment, you need to make sure you have certain privileges on them – like monitoring any recording, and remote wiping.