Back to top

Encompass® Insurance Insights & Articles

How to Protect Your Business Against Data Breaches and Hackers

Cybercrime and the losses associated with it are on the rise. According to the Insurance Information Institute, in 2017, reported data breaches were up 44 percent and this number is likely to rise again.

A person accessing their phone's digital security app.

It's not just large corporations that hackers are interested in as more and more small businesses are increasingly being targeted. A growing number of cybercriminals are performing "supply chain attacks" which involves hacking small businesses first in order to gain access to the larger corporations they work with. Therefore, it is critical for you and your employees to know how to protect your business by keeping these following tips in mind:

  • Inform yourself. The guide "Small Business Information Security: The Fundamentals" offers a clear and concise overview of the cybersecurity issues that small business owners need to be aware of. It covers everything from understanding your risk to recovering lost data in the event of a breach.
  • Update your software regularly. This not only makes your devices run better, but it also protects them against vulnerabilities.
  • Install robust cybersecurity software. If possible, hire a cybersecurity expert to design a system that meets your company's specific needs. This should include at the very least a good firewall, as well as antivirus and malware programs.
  • Limit access to sensitive data. Use two-step or three-step authentication to protect highly sensitive files such as employees' personal data and customers' credit card information. Also, make sure that staff who change roles don't keep permissions they no longer need.
  • Use encryption. Encryption renders data illegible to people who don't have the key to decipher it. Business News Daily reports that both Windows and OSX operating systems have built-in encryption options that can protect the data on your hard drive. There are also third-party encryption programs available; plus, some cybersecurity vendors offer it as part of their security suites.
  • Train your staff in cybersecurity. According to Forbes, it's important to make sure your staff knows how to generate strong passwords, encrypt data and avoid malware.
  • Back up your data. Make online and offline backups of all important business data. That way, if for some reason your data is irretrievable on your regular system, you'll still be able to access it.
  • Dispose properly of your old IT assets. Old computers, hard drives, zip drives and phones that you no longer use can be treasure troves of sensitive data. That's why effective disposal methods such as data erasure, degaussing and on-site shredding is so critical. However, even though your data leaves your custody to be destroyed, in most instances, you're still liable for any breaches if your data isn't thoroughly deleted. For this reason, you're best advised to employ data destruction services that are fully AAA certified by the National Association for Information Destruction (NAID).

It's important to understand that despite your best efforts, a data breach may still occur. For this reason, it's advisable to establish a detailed response plan that you can fall back on in the event an incident occurs.

A group of Encompass agents

Customer Centric. Agent Focused.

Our simple, tailored approach to coverage offers powerful benefits to you and your clients.

Become an Agent

The general information contained in The Encompass Blog is provided as a courtesy, and is for informational and entertainment purposes only. The contents of this website are subject to periodic change without notice. Information provided on The Encompass Blog is not intended to replace official sources. Although attempts will be made to ensure that the information is accurate and timely, the information is presented "as is" and without warranties. Information contained on The Encompass Blog should not be mistaken for professional advice. Information contained herein should not be considered error-free and should not be used as the exclusive basis for decision-making. Use of website information is strictly voluntary and at the user's sole risk. We encourage you to obtain personal advice from qualified professionals when making decision regarding your specific situation.

Other resources linked from these pages are maintained by independent providers. The Encompass Blog does not monitor all linked resources and cannot guarantee their accuracy. Statements, views and opinions included in an independent provider's material are strictly those of the author(s). These views may not necessarily represent the opinions or policies of The Encompass Blog, the Encompass family of companies or its agents, officers or employees.

ECC Monitor: OK