Recently the Small Business Administration released a short webinar on cyber security. We encouraged our staff to watch it as a refresher course to some of our own trainings here at eDoc LLC. As a provider of document management software and custom software development, it is crucial that all of our staff not only understand the details of cyber security but are also often reminded of our policies and educated on the latest information.
Although you may not be a software company, cyber security should matter to you. If you own or work for a small business, you are at particular risk because there are likely less resources dedicated to security policy creation and enforcement regarding cyber security. Not only is a small business less likely to have policies in place to protect vital information such as employee, partner and business information, but they are also less likely to have up to date and secure software and hardware, which exposes the company to cyber threats. Many small businesses believe the cost of updating their software and hardware is just too expensive, but one question raised in the webinar hit home the importance of this investment, “What would be the cost of losing all your information?” Other similar questions that help show the importance of this investment are “What would be the cost of a potential lawsuit if we lost customer information or employee identity information?” “What would be the cost of notifying the parties of their data loss?” “How many customers would we lose if they knew we had a security breach?” Lastly ask yourself, “what would be the cost of any fines, hardware and software replacement if we had a security breach?” As you can see, security investment is crucial to protecting your small business in the long term.
Another eye opening point made in the webinar was that 80% of security problems originate from within the company. These issues in part come from not having policies and procedures for cybersecurity in place, those policies being outdated, or not enforcing and educating employees on them. One goal is to have data confidentiality and integrity, but what does that mean for your business? If an individual does not need access to certain data, restrict access. Also limit the ability for employees to modify and delete documents. In eDoc Organizer we have granular user permissions which allows restricting access of individual users to add, edit, access and delete specific documents.
A good place to start creating a more secure business the webinar said was to ask, “What are my security needs?” Policies, practices, trainings and continuing education are all areas you can assess and begin reviewing right away. Next, you can assess if your software and hardware are up to date and secure. Next assess if you have a reliable backup of your data offsite, and if you don’t, work on that today. According to the SBA the goal of a backup is “the ability to restore your system and data to what existed before the cyber threat was realized.” Make sure to have the backups tested and up to date as well. A backup of last years’ data won’t do your company as much good as a backup made last week.
Remember, cyber security should be an ongoing aspect of daily business operations. If you have questions about how eDoc Organizer can help make your data more secure, email us at [email protected]. Thank you for reading our eDoc Organizer blog.
If you would like to watch the Small Business Administration’s webinar on cyber security go to: https://www.sba.gov/tools/learning-center-view-course/743081