Unfortunately, we live in an age where it is all too common to wake up in the morning and read about yet another catastrophic data security breach that has affected one of the largest businesses on the planet. These types of breaches can strike healthcare organizations like Anthem, major movie studios like Sony Pictures and nearly anyone in between. They all have one core quality in common: the people affected by the breach ultimately weren't prepared for the type of threat that they faced as they depended more and more on digital resources to do their jobs each day. As a small-to-medium business owner, it's important to understand that just because your company isn't valued at billions of dollars doesn't mean that you won't be a target for these types of malicious individuals. There are a few key things that you need to understand about data security moving forward to protect yourself, the client base you've worked so hard to build and ultimately your business from harm.
The Costs of a Data Breach
To understand exactly what it is that you're up against, it's important to take a closer look at the very real costs associated with just this type of data breach. According to the security experts at IBM, the average cost of a data breach in 2015 was $3.8 million dollars - regardless of the type or size of business being affected. Not only does this represent a 235 increase from the same research conducted in 2013, but when you start to break things down the picture begins to get truly grim.
For each sensitive piece of information that is compromised by a hacker, it costs a business an average of $145 to $154".Think for a moment about all of the important and confidential documents that are stored on your business' file servers right now - if even 500 documents are lost to a breach (which is incredibly conservative given the fact that a network infiltration puts everything at risk), you're looking at an estimated cost of $72,500. Is this the type of hit that your small-to-medium-sized business can take?
Probably not, which is why it is hugely important to understand what you need to do moving forward to avoid these types of issues altogether.
Not All File Sharing is Created Equally
"File sharing has transformed the business world in a number of important ways, from its ability to increase communication and collaboration to its natural benefit of allowing your employees to work from any location on the planet with an active Internet connection." said Jeev Trika, CEO, of Top SEOS. It's important to understand, however, that just because you're sharing files on the Internet doesn't mean that those files are automatically safe from interception.
Only file sharing services like FTP and SFTP can provide you the protection you need to make sure that your documents stay out of the virtual hands of those who wish to do you harm. These file transfer protocols use both at-rest and in-transit encryption, meaning that the documents being transmitted are essentially "scrambled" until they reach the appropriate individual. Even if someone does intercept a file (or it is sent to the wrong recipient due to all-too-common human error), it would essentially be unreadable without the appropriate decryption key - which only the sender and the recipient have.
FTP and SFTP also come with a variety of other mission-critical security features, like the ability to disallow IP addresses based on country and more.
"Bring Your Own Device"
More and more businesses are instituting BYOD or "bring your own device" policies, allowing employees to use their personal devices to access work information both in the office and at home. Have you ever stopped to think about what would happen if those devices were compromised, however? A hacker could use an employee's iPhone as an entry point into your entire network. As a result, you need to institute a "BYOD Security Policy" moving forward. If an employee leaves the company, they need to agree to have their phone wiped of all confidential information as a result. Likewise, you need to have the ability to remotely wipe an employee's phone if it is lost, stolen or otherwise compromised in any way.
“A discussion of the concept of data security and the many different things that you need to know as a small-to-medium business owner to protect yourself, your clients and ultimately your business from harm.” explains Sara Davis, Director of Operations at Foxtail Marketing.
