Is anything private in business anymore? Consider the consumer information businesses collect digitally. Or think about all the video cameras posted everywhere. Your smartphone even includes cameras, you know? So data privacy remains a big concern. Large corporations like Facebook and Google disclose daily examples of data breaches. So as a small business owner, how do you keep the customers’ data private that exists inside you company right now?
Is Data Privacy Possible?
Listen to the Small Business Radio Show this week. Internationally recognized expert in privacy and former Senior Advisor for privacy at the White House Marc Groman joins us on the program. And we’ll discuss the urgency around data privacy.
Marc still believes we need to have an expectation of privacy but be prepared if information is breached. But he argues most consumers give up their privacy rights too easily. They do so because of the difficulty understanding the terms of service presented. And the way companies use customer data also confuses them.
But the problems run deeper. For example, the U.S. lacks a single federal law on privacy. Current laws vary by industry. Different laws regulate the finance industry versus the health care. They also vary by state. Marc sees more problems ahead if there is not a federal law that raises the expectation of data privacy from all companies.
Basic Steps to Better Data Security
Here are the basic steps that Marc recommends small business owners implement to ensure their customers’ data is secure.
- Use complicated passwords. Too many times passwords are not changed from the default (Does “password1234” sound familiar?). Data privacy starts with using difficult passwords that change frequently. Currently it is best to use two factor authentications where the user must present two unrelated pieces of identification to be approved for access. I also recommend using a password manager that randomly assigns and changes passwords.
- Secure the router. Without user and administrative passwords, it is simple to get into your company’s network to get access to customer data. At least implement the most basic road block here.
- Educate staff. Most breaches are caused by human mistake and are completely avoidable. Train your staff on what changing cyber threats look like. They should not learn about the latest techniques from the news. Data privacy must be built into the company’s culture.
Marc sees too many companies only ask for help after a data breach. A response after a hacker has broken into your business is much more painful and expensive than implementing basic security protocols.