Securing Customer Data: Tips for Small Businesses
Are you keeping your customer information as secure as possible? If your answer is “I’m not sure,” it’s time make this a priority. After all, a data breach is not something you want to reckon with. Here are some steps you can take to make sure you’re keeping all your data safe.
Know your data.
The first step is to make a list of all the customer data you collect or have on file. That means things like names, physical addresses, email addresses, phone numbers, and billing information. Then list out where you store this information — whether it’s electronically or in a physical filing system. Make sure to be extremely comprehensive; you’ll want a full picture of everything you have access to and where it resides.
Only your most trusted employees and business partners should have access to your customer data. Whether you keep things in a file cabinet, on your computer, or in an online tool, make sure as few people as possible have the keys, codes, and passwords. And keep a careful inventory of who has access to what. That way, if someone leaves the company, you can quickly change codes and passwords to keep things protected.
Have strong passwords.
You’ve heard this a million times, but it’s absolutely critical to make your passwords as guess-proof as possible. Your business name or “12345” isn’t going to cut it. Strong passwords have at least eight characters, upper and lowercase letters, numbers, and symbols. You should also enable two-factor authentication — a security process that requires two methods of verification (usually an email address and a texted code) — to log in to your most important apps.
Take authenticated payments.
When it comes to face-to-face transactions, magnetic-stripe cards are outdated and a lot less secure than newer payment technologies like EMV (chip cards) and NFC (contactless payments like Apple Pay). As opposed to magnetic-stripe cards, where customers’ bank account information is static on the back of the card, EMV and NFC transactions are authenticated — meaning they encrypt customer account information as the payment is processed. Getting set up to accept EMV and NFC (you’ll need a new payments processor) is something you should get on your to-do list ASAP. Fortunately, there are new, affordable readers that make accepting EMV and NFC easy for small businesses.
Use spam filters.
You know to steer clear of opening email that looks fishy. But unfortunately, spammers are getting a lot more savvy these days, sending email that looks legit but in fact is not. To make sure you don’t fall prey to one of these scams (where bad guys could potentially gain access to your data), be sure to install a rock-solid spam filter on your email system.
Install antivirus software.
You should protect your computer with antivirus software. Same holds true for every single company computer — or any personal computer your employees use to access business information. This doesn’t have to be expensive; there are a number of affordable (and free) antivirus applications out there. It’s a good idea to consult with an IT professional about which one works best for your business.
Stay on top of software updates.
We get it — that “install updates” screen pops up, you say “remind me later.” Well, to keep your data as safe as possible, you need to be timely with these, as many software updates include enhanced security features. So just bite the bullet and grab a coffee while things update.
Protecting your customer data is paramount — so set aside some time to make sure everything is as secure as possible.
How to Protect Your Small Business Data (Small Business Association)
Cybersecurity for Small Businesses (Federal Communications Commission)
Start with Security: A Guide for Businesses (Federal Trade Commission)