Cybersecurity has been a headline-making topic lately, as organisations ranging from major credit bureaus to mega-retailers to social media giants have reported data breaches. But it’s not just the big players that hackers are targeting: Studies show that 43 percent of cyber attacks target small businesses, and 60 percent of attacks target midsize businesses.
And not only are these small and midsize businesses getting attacked more often, but they’re also less likely to recover than large corporations. According to the Australian Small Business and Family Enterprise Ombudsman, 60 percent of all small businesses that suffer a cyber attack go out of business within six months of the breach. The most common types of attacks are web attacks, phishing, and malware. Data breaches are the most expensive to deal with, with the average cost of a breach at $3.35 million in 2020, an increase of 9.8 percent compared to 2019. Malicious attack breaches cost organisations $3.74 million on average, system glitches at $2.90 million, and human error at $2.82 million.
The good news is that there are data security measures you can implement to protect your business. Here’s what you need to know:
What is data security?
The definition of data security is implied by the term itself. It refers to the measures that an organisation takes to protect sensitive information, including the privacy of its customer data and shielding data from corruption and malicious attacks.
Data security should be top of mind for all companies, but perhaps especially for small businesses. Not only is there the significant financial cost of dealing with a data breach, there is also collateral damage, like the loss of customer trust. As noted earlier, 60% of small businesses that experience a cyber-attack never recover.
Large corporations also take a significant hit to their business and reputations when their data is compromised — and it seems like no one is safe. In the past few years, major breaches in Australia have been reported at companies like Ubiquiti, Eastern Health, Microsoft, Transport NSW, Oxfam and ASIC, just to name a few. And in 2020, even Facebook had a major data breach that leaked information for more than 533 million Facebook users.
These breaches, in particular, have sparked crises of credibility among consumers, and the companies are still working to figure out how to protect customer data and regain public trust.
Types of data security measures
1. Encryption
Encryption is one of the best-known data security technologies. It renders information unreadable to those outside the organisation (like hackers).
2. Authentication
This measure requires users to enter a password or other information before logging in. More companies are transitioning to two-step authentication, which might require, for example, a user to enter a password and then a code that they receive via text.
3. Backups & Recovery
It’s better to be safe than sorry: backing up your data will be useful in the event of system failure, disaster, data corruption, or breach. The backup copy should be saved on a separate medium, such as a physical disk, local network, or cloud, so that it can be recovered if needed.
Types of data breaches
Understanding the common types of data breaches and their impacts will help increase awareness of the potential damage to your business and help you prepare prevention plans in line with them.
1. Ransomware
This is an incident in which you receive a message notifying you that your device, such as a phone or laptop, has been hacked. The person who got hacked will be asked to pay a fee, ranging from nominal to hundreds of thousands of dollars, to regain access to the device.
The solution is to work with risk management solution partners to avoid the release or deletion of the business's confidential information.
2. Phishing
Phishing attacks come in the form of emails that appear legitimate or sites that look genuine. This type of data breach might be overlooked, but it could cause serious issues for the safety of the sensitive data that your business possesses.
3. Malware
Malware, also known as viruses, is harmful because it aims to wipe the data on a device or server. A simple yet effective tip to avoid this potential breach of data is to avoid clicking on anything that you find suspicious or are unsure of.
What security standards should businesses adhere to?
The Payment Card Industry Data Security Standard (or PCI DSS, for short) is a standard that was set by the five largest credit card companies to help reduce costly consumer and bank data breaches. These standards ensure that merchants safely and securely accept, store, process, and transmit customers’ credit card information during a transaction, so complying with PCI DSS helps protect against data breaches.
How Square protects your transactions
As a seller, you’re required to comply with PCI DSS if you accept payments through American Express, Discover, JCB, Mastercard, and Visa credit cards. Compliance isn’t simple, though, and it can entail the installation of pricey software and hardware and signing an expensive contract that requires you to agree to a bank’s terms for annual PCI compliance.
But with Square, payments are PCI DSS compliant, so you don’t have to worry about audits, assessments, or noncompliance fees.
Square also protects you from chargebacks, which is when a cardholder disputes a transaction and asks their credit card company to reverse the payment. Even if the card-issuing bank rules in your favour, it can be a slow, complicated process, and on top of that, many payment processors assess a fee from you in a chargeback situation. Square doesn’t charge a fee in these situations, and we deal with the bank disputes for you.
In addition to PCI DSS compliance and chargebacks, Square also shields you from fraud by monitoring payments, keeping an eye out for suspicious activity, and adjusting our algorithms to check for new trends in fraud. If our team suspects that something is wrong, we’ll reach out to you to head off any potential problems before they affect your business.