Being a small business, it can be hard to know where to start when equipping your office’s digital space with the necessary safeguards to keep your data private. Ponemon's 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses study noted that 63% of small businesses had their data breached by negligence on part of the employee or contractor. Clearly the issue of data privacy is a real concern for small businesses and begins with each employee’s technology practices. As we rely on various pieces of technology to function effectively as a workplace, it is important to create a workplace technology policy that establishes clear guidelines and expectations for your employees. This policy is simply a set of best practices that aims to help each team member navigate their technology usage as safely and effectively as possible, avoiding pitfalls that can lead to hacking or lost data. Below are a few tips that your small business can include in your office technology policy to begin securing your data today.
“Password is incorrect.”
This message is not only disruptive to your workflow but can be an indicator that your data is not secure. Your office can avoid lost data by having a standard practice that all employees follow when savings and creating passwords for various work accounts. One of the easiest ways to organize your passwords is implement of password management software. One such software is LastPass, a password bank that documents and secures all your passwords for future log-ins. Storing all your work-specific passwords (that should ALWAYS be unique) through this application keeps your data safe and allows those in the office to access any log-ins they may need access to while you are out of the office.
Additionally, many technology security providers highly encourage your office to implement the two-factor authentication whenever possible. Some websites will not have this as an option, but this can be a great way to deter hacking in your email, social media, and professional accounts.
One of the most used vehicles for data breaches and computer viruses is through the opening of and interaction with unsolicited emails. Having your office complete the list of checks below can help you identify and avoid these issues.
Check the domain name- A hacker can easily mimic trusted company names in the “from” line, but never the domain of the actual email. Be sure to look out for any domain names that are unfamiliar, misspelled, or unrelated.
Check the email writing style- One common tell of a spam email is the writing-often sloppy or full of grammar and spelling mistakes. These imply phishing (“the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers”), and should be immediately disregarded as spam.
Check for links and attachments- Emails that are dangerous will almost always have a link or attachment for you to download. ALWAYS stop to check the legitimacy of the email with the above criteria before downloading anything.
Regularly Backup Documents
A successful office workflow relies heavily on document sharing and organization. Many businesses have found that saving your documents to an online application allows multiple users to edit, access, and save it at one time, making collaboration easier. There are multiple softwares available to help you with both document organization and live editing. A free option is Google Drive, which allows you to edit google documents in live time, save online, and then export to your file of choice. A more costly but sophisticated option is Microsoft SharePoint, a data library that works with Microsoft tools to create, edit, save, and review documents online.
Regardless of what application you use, it is important to regularly take stock of what documents are saved where and update all revisions accordingly in the appropriate file. Keeping these expectations clear to your employees will keep your databases clean and save you from losing important documents due to a faulty deletion or data breach.
Choose an Office Tech Liaison
Even though the above tips are simple to implement, someone needs to be ready to regularly assess what is and is not efficient for your office. Who in your office would be the best person to maintain and assess these practices? Choosing a tech liaison for your office can ensure that these expectations are not falling through the cracks after initial implementation. A tech liaison does not have to be extremely knowledgeable about technology, but rather acts as the “point person” for the office technology policy. This staff member can troubleshoot individual issues as they arise and employ the use of an outside technical consultant as needed.
Does your office need help with technology implementation, or data safety? Contact our office today to consult about what may work best for your office.