Part 1: Risky Business – Are You Secure?

“Let us not look back in anger or forward in fear, but around in awareness.”   – James Thurber

When you work with small business owners every day, as we do, you get a first-hand view of how the pace of technology advancement affects them.  While it affords new and exciting – sometimes daring – opportunities, it also comes with new and confusing – sometimes disastrous – risks.   

We have seen, up close, the fallout from a Client’s server being hacked and his financial data held for ransom.  We have seen the realities and inconveniences of identity theft.  And we have seen the panic that ensues when a breach may have resulted in unauthorized access to thousands of pieces of sensitive customer data.  But to quote the great philosopher, Billy Joel:  “The good old days weren’t always good, and tomorrow ain’t as bad as it seems.”  What we must do, in the age of complex digital risk, is to arm ourselves with knowledge and good habits, to protect our businesses.  Here are the big ideas:

1. Keep it Simple: Train your people on basic security habits, and then train them again….and again.

Why repetition?  Because we shouldn’t get into trouble when trouble is easily avoidable.  “The most common security weakness we see at small and medium-sized businesses is user education,” says Brian Minker, Principal at Able Technology Partners in Burlington, NJ.  “Your employees are inundated with emails every day, and often click links in them without properly vetting that it’s from a valid and safe sender.  Training users how to identify nefarious emails –  and making sure they understand the potential harm – can significantly reduce risk for companies.”

2. Common Sense: Invest in good software to combat malicious software.

Consult your IT professional to ensure that your anti-virus software is up to the task (“Enterprise grade”, says Minker) and continually monitored on ALL of your business computers.

3. Buckle Up (your Data) for Safety:  It’s the Law!

Did you know that most states now have guidelines requiring public notification if a security breach exposes any personal information?  “Security breaches have become more common and also more regulated,” says Minker. “Many of the requirements that only affected companies involved with medical records or credit card data are now being imposed on any company that has information as basic as a person’s name and address.”    

In addition to notification requirements, states can impose remedies and fines if you have failed to properly protect customer data.   

At CLM Advisors, we are not IT experts, but we know a few.  Ensuring that our clients are making smart moves to protect themselves from ugly security problems is part of our mission to improve and nurture small businesses.  Don’t be discouraged by risks and threats – hire a great IT consulting firm, ask them lots of questions, and create a strong culture of information security throughout your company.