In 2015, 2.5 million data security breaches occurred in the UK, 74 percent of which affected small businesses. This 14 percent increase over the number of incidents in 2014 highlights the necessity of establishing strong security measures to keep customer data safe.
Get Your Act Together
The Data Protection Act of 1998 states specific requirements for organizations working with or storing information about individuals and “covers any information that relates to living individuals which is held on computer.” For businesses, this means customer information including names, addresses, credit card numbers and login credentials.
Under the Act, data collection must be processed fairly and legally with a specific purpose. It’s your job to keep customer data accurate and remove outdated information no longer needed to do business. Proper security measures are required to be in place, and you can’t transfer anything out of the European Economic Area without reliable protection. Lack of compliance is a criminal offense punishable by steep fines.
Establish Basic Protection
Some of the most effective ways to secure data are the simplest. Using strong passwords, changing passwords on a regular basis, installing antivirus software, setting up firewalls and establishing a VPN to handle mobile connections all increase the safety of customer data. To demonstrate your commitment to security, consider answering the Cyber Essentials questionnaire from CyberAware. This assessment determines if your company “meet[s] a Government-endorsed standard” and allows you to display a Cyber Essentials badge on your website.
Avoid Common Pitfalls
Small businesses across the UK face common security issues, but you can prevent your company from falling prey to attacks by:
• Hiring an IT security specialist or appointing someone within your organization who has security experience
• Educating yourself and your staff about how to minimize risks and handle threats
• Updating and maintaining security at all potential points of compromise
• Creating a budget and schedule specifically for security measures
Free online training is available to bring your organization up to speed on modern security risks and what steps can be taken to prevent breaches.
Know How to React
The three biggest security threats you’ll face as a UK business owner are attacks from viruses or malicious software, accidental or deliberate incidents caused by employees and attacks by unauthorized users. Have a plan in place for dealing with these issues in the event your security fails. Breaches can cause customers to lose faith in your brand, so you not only need a backup plan for data recovery but also a strong social and marketing campaign to maintain the reputation of your company’s image.
Customer satisfaction and retention hinges on trust, and showing your business is serious about security goes a long way toward establishing this important connection. Take advantage of the educational tools offered by the government to learn more about what you can do to preserve the integrity of consumer data, and make it a priority to monitor all security measures so that you’re always ready to respond to potential threats.