Data Breach and Cyber Security Risks

Protect Your Business Data

How Contractors Can Protect Their Business Against Data Breaches 

Contractors like you already face many safety hazards while on the job. But, one that may not seem so obvious—you may not even know it’s happening—is a breach of security when your business’ data is compromised or stolen. 

Research from IBM recently found the average cost of a data breach in 2016 cost $7.01 million, which accounts for a 7 percent increase from the previous year. If anything, this tells us data is now more valuable than ever, making it even more vulnerable for theft. 

To prepare, contractors must first understand exactly how a data breach can affect their business, and then implement the necessary security measures to prevent it from happening. 

Understand How Data Breaches Can Impact Your Busines

Risk Facores Blog

As a small business owner, you may think your business and employees aren’t susceptible to data breaches and data theft. But, research has found 99 percent of computer users are vulnerable to exploit kits.

Similarly, nearly 63 percent of businesses don’t have a fully developed way to track and control sensitive data in their organization. 

Related Read: Cyber Security: The Nature of the Threat

A data breach can impact your business beyond the loss of data or integrity of your security. Ramifications associated with a data breach include:

  • Damaged reputation or brand name.
  • Lost revenue, as many breaches can cause a loss in customer loyalty and the need to reimburse customers.
  • Liability costs, as data breaches can cause lawsuits from customers or vendors.

Prevent Data Breaches and Loss with Server Backup 

Even with small businesses like yours, there is enough data stored on customers, servicing jobs and vendors that may pose a huge liability if lost. Thankfully, there are many methods of backup to your internal servers that can help prevent this from happening. A small contracting business can expect to pay between $2-4 per GB stored per month for full backup solutions.

To prevent losing information, consider implementing one of these four methods of data backup:

  • Full backups: Stores a copy of every file and automatically reoccurs on a preset schedule. While effective, this method can be time consuming and may use a large portion of your network’s bandwidth.
  • Incremental backups: This method backs up the files that have been changed or altered recently since the previous backup. This requires much less bandwidth and time, but must compare each file to its previous version, which can become very complex for computing purposes.
  • Differential backups: This method saves a copy of the recently updated files in addition to the previous versions. All versions are then saved until the next full backup is run. The downside with this method is that is takes up a lot of space and, similarly, requires a lot of the network’s bandwidth to be conducted.
  • Virtual full backup: A virtual full backup takes the full copy once and does not need to be taken again as long as the storage medium remains unchanged. The virtual backup then synchronizes the backups to the database. This method is the most simplified version of a full data backup and reduces disadvantages of other alternatives.
     

Protect Your Business from the Impact of Data Loss with Cyber Insurance

Should you experience a network failure or a data security breach, there are insurance coverages available to mitigate some of the direct impact on your business. Cyber insurance policies are now more important than ever. Data loss and breaches don’t just occur as a result of a hack or malicious malware. They can easily occur from an employee mishandling information, a lost or stolen laptop or other device, and not updating your system’s network permissions. 

It’s important to remember that while some older general liability coverages may protect your business in the event of data loss, most newer ones do not, as data is not classified as “tangible property.” 

Instead, consider investing in cyber liability, internet liability or network security liability insurance. These cover the risk of causing third parties associated with your small business to suffer as a result of data loss. Contractors must protect third parties first, as data loss and breaches can trigger expensive lawsuits or a loss of customer base—both of which are threatening to the stability of your business. 

As a double layer of protection, invest in first-party cyber insurance. This protects your business against business interruption as you work to resolve the breach and costs for any damage. 

A Guide to Protecting Your Digital Assets 

  • Regularly update the passwords to your servers, internal sites, email, etc. at least once per quarter. Similarly, passwords should not be obvious; they should be a mix of numbers, upper and lowercase letters, and symbols. 
  • Consider investing in a password management tool, like LastPass or Sticky Password to help keep track of each of your logins. 
  • Do not open unknown email attachments, or emails received from an unknown contact address. 
  • Install firewalls on yours and your employees’ computers and adjust the settings for it to automatically update. 
  • Shred any confidential information, or lock it away for administrator use only if needed. 
  • Do not leave personal or confidential information on paper out in the open. Similarly, do not write passwords down on an open notebook or post-it. 
  • Restrict access to servers, folders and files to only the employees who need access as part of their job.
  • Never leave your laptops, tablets, mobile devices or other technology unattended. Should your equipment be stolen or left unattended for a prolonged period of time, encourage employee to do a remote wipe of stored information and data. 
  • Implement a workplace policy that requires employees to report stolen equipment immediately so that proper security measures can be taken as soon as possible, which will minimize the threat of stolen information. 
  • Avoid using unsecure wireless internet connections when away from your office. These are often easy targets for hackers.
  • Develop an encryption policy for all employees to follow on their laptops or other tech hardware. 
  • Require mobile devices, applications and operating systems to be regularly updated with new releases of software to ensure the latest security features are installed.
  • Require a passcode for mobile devices in which employees are accessing company information on during the work day. 
  • Adjust the settings on all mobile devices and laptops to turn on GPS-tracking capabilities. 

Download: A Guide to Protecting Your Digital Assets (PDF)>>>