It is too common a notion among small business owners that their businesses are “too small” for there to be risk of security breaches. This is illustrated by the findings of 2012 Report to the Nations by the Association of Certified Fraud Examiners which reported that small businesses, classified here as those with fewer than 100 workers, experienced rates of fraud instances of 31.8%. To compare, companies with 10,000 or more workers had a fraud incidence frequency of 20.6%. What puts small businesses at a higher risk for fraud incidents? The answer is about resources; small businesses just don’t have the arsenal of resources that are available to larger companies.
So what is a busy small business owner to do? Small business owners already have a to-do list a mile long without the need to add even more tasks to worry about. However, by taking the time to lay some foundational groundwork you can quickly decrease your vulnerability to a security breach. Here are the Top Five absolutely necessary actions that small business need to take in consideration of information security:
- Protect information, systems and networks from damage by viruses, spyware, and other malicious software and/or code
- Control physical access to your computer(s) and network components – this includes enabling the lock screen with password protection on computers
- Train your workers in basic security principles – provide them with a formal privacy policy to comply with when handling customer information
- Require individual user accounts for each employee on business computers and for business applications
- Limit worker access to data and information
In introducing these five basic steps to your business processes you reduce the two primary risks for security breaches – cyber-attacks and fraud committed by employees. Conducting an investigation to a security breach or fraud incidence is one thing that no small business owner wants on their to-do list!