As the leader in IT consulting in Minneapolis, Tech Guru CEO Dan Moshe hears concerns from numerous clients in the wake of the Target Corporation security breach. “I’m not a security expert,” says Dan, “but I bring a down-to-earth, savvy business perspective on security.” Check out Dan’s 5 P’s of small business security.
Target has security protection resources most businesses only dream of. Considering the damage done to the reputation of Target after consumer accounts were violated by hackers, a similar attack on a small business would be absolutely devastating. A small business owner himself, Dan shares some of the measures he takes to protect clients’ sensitive data with Tech Guru’s own limited resources.
1. Physical
A starting place to better business security starts with a physical barrier. “The door to our office is always locked. We have to let people in,” says Dan. Though he admits it’s a little bit of a hassle, “at the end of the day we know only authorized people are going to enter.”
Dan combines screened entry with a high security deadbolt and proximity key cards for the staff. “We perceive the threat of burglary as something that is a possibility,” says Dan. He also employs a security system to monitor the office after hours.
2. People
Dan maintains your biggest threat to security is your employees and social engineering – when someone calls or emails acting as someone else and asks for privileged information. “We get to know our clients and their voices. If we get a call from someone who is not authorized, we will not work with them.”
“We educate our people on what they can give out and what they can’t,” explains Dan. The staff can’t transmit credit cards, passwords, or credit card numbers. “If you need to send sensitive information like that, use a Google Doc. it’s encrypted and only available to the person who is supposed to have access to it,” says Dan.
Dan insists small business owners should take the time to do security awareness training with their employees. “It shouldn’t be an afterthought. Security should be incorporated into everything you do with your business.”
3. Phone
Though the “Bring Your Own Device” revolution is in full effect, business owners rarely think about the consequences of sensitive company information being accessed through an employee’s smartphone, tablet, or laptop.
Two of the simplest steps to ensure better security on a phone or mobile device are:
- Require a PIN to access the device
- Encrypt storage on the device
Working with employees to ensure optimum security on their mobile devices is a top priority when Tech Guru works with a client, and it should be yours, too!
4. Passwords
When companies as big as Adobe Systems can be hacked, as the company was in 2013, it’s important to remember that your password can be used in many places once it’s stolen.
Instead of trying to come up with creative passwords for multiple accounts, one option for managers is to use LastPass. Lastpass automatically generates and stores highly secure passwords for each website, but you only need to remember the the password for your LastPass account. It’s free to get started, and premium packages are reasonably priced.
5. Planning
Lastly, Dan recommends clients go through their processes and examine them. How do people enter your offices? How do your employees authenticate callers? What would you do if a data breach occurred? A security catastrophe should just be another part of your disaster recovery plan. Small business security plan means looking at every aspect of your business and ensuring it meets all your security business requirements.
“The sad fact is, if someone wants to get in, they will,” says Dan. “It’s easy to go overboard and buy expensive hardware, but first look at your business objectives, internally mitigate what you can, and then insure against the rest.”
Tech Guru is always happy to help clients with mobile security, cloud security, and encrypting valuable client information.
Dan Moshe helps business owners in the Minneapolis area with all things tech, and is the CEO of the Caring IT company Tech Guru. He cares about your business as much as you do!