The following is a guest post by Cassie Phillips, a cybersecurity advocate and internet securities expert. You can follow her on Twitter @securethoughtsc.
Recent reports by GEM show that startups comprise some 100 million new businesses each year. It should come as no surprise then that these companies also are the perfect target market for hackers; many new companies have little, if any, experience in cybersecurity. They don’t think about it because it doesn’t really seem important—at least until something happens.
Because the pool of potential victims is so high, it makes that much more sense for startups to seriously begin considering cybersecurity from the very first day in business. Furthermore, an early data breach can easily spell the doom of a brand new company’s reputation.
That company could easily be yours unless you decide to invest in the future. Even if your business is run from the comfort of your house, you need to be considerate of how you will keep track of client payments, how you will secure your resources against hackers, and how you will create a public relationship with potential customers to demonstrate the security and reliability of your enterprise.
Every business begins from a small idea that then has the potential to grow exponentially. In the same way, your company’s security should start with small steps; that means investing in basic security infrastructure, such as commercial anti-virus software and Virtual Private Network (VPN) subscriptions, for individual devices.
Individually you might use “free for personal use” anti-malware programs, but your business should be using commercial versions both for ethical reasons and for insurance purposes. Older companies, such as Symantec and Kaspersky, offer very effective security packages, but don’t discount smaller companies, such as Avast.
The more mobile your business needs are, the more likely you’ll benefit from installing a VPN on any device with access to company accounts or emails. That’s because a VPN encrypts your internet connection and keeps hackers from stealing important data. Secure Thoughts lists a VPN as one of the top ways to prevent data breaches, particularly in small businesses.
Control and Prevent Damage
Once you have the basics under control and your business is moving in a growing direction, you may need to add staff. New team members are essential to any successful business; they’re also a major liability if not managed properly. Employees who don’t understand security can undermine your business in a major way by leaking company secrets and privileged customer information.
They don’t always do it intentionally, but even a small mistake can be costly. Customers who aren’t confident in doing business with you are unlikely to provide referrals and even less likely to continue doing business with you.
Train your employees to recognize scams and to separate “need to know” information about your company and assets. Customer names, addresses and other personal information should never be shared outside the company and should only be shared within the company as needed to conduct everyday business.
Limit access to company accounts based on need. Early on, it can be tempting to allow your small group of employees a great deal of access to the business, but too much can become a problem down the line. Keep communication open, but make sure access is compartmentalized, so that if one area is subject to a breach, it doesn’t leak into other sections of the business.
Reputation is Your Lifeblood
I’ve said it before, and I’ll say it again: in a world where communication is instant and word spreads faster than lightning, your reputation is your business. If, as a result of a breach, some of your customers have their identities stolen or end up victims of credit fraud, consequences can become major blowback for you.
And that’s not just in your reputation—certainly everyone that person knows will hear about how your company let them down—but you may even be liable for legal damages. Charges of negligence could land your company insolvent as a result of legal fees and penalties.
As your business grows, don’t write off security; cherish it as an important pillar of the company and hire people to manage both your reputation and your risks both online and off. Do that and whatever great product you’re promoting will have a much greater chance to be successful.
Does your company have a plan for cybersecurity? What are you doing to protect your virtual assets? Share some thoughts in the comment section.