Hopefully by now you realize you need to keep a close watch over the security of your PC and other devices (or you’re smart enough to hire us to do it for you). Either way, cybercrime is BIG business, and small business owners are seen as the low hanging fruit by attackers who are looking for easy-to-steal financial data, passwords and the like. Some do it for profit, others do it for fun.
But there’s a much bigger threat to small business data security that can not only portend to leak your information out to the masses, but can also corrupt or erase data, screw up operations and bring everything to a screeching halt. What is it? Surprisingly, it’s your employees.
“Human error” is the #1 leading cause of data loss, system failure and virus attacks. In some cases, it’s an innocent “Ooops! I deleted it.” Other times it’s a malicious act of revenge from a disgruntled employee who didn’t get the raise they wanted or simply feels taken advantage of. Recently, a disgruntled employee working for oDesk, a third party content management firm, leaked Facebook’s highly detailed rulebook for flagging inappropriate posts. This document contained shocking guidelines regarding sexual content, death and disfigurement as well as racially charged content. Apparently, sexual acts should be blocked, but crushed heads are okay.
The above incident, while a problem, is a mild case. Often employees seeking revenge will steal and post client data, financials or other competitive information online. In some cases, they sell it. Other times, employees delete critical files to either cause harm to the organization or to cover their tracks. And when it’s your client’s data that gets stolen or compromised, you have a major PR nightmare to deal with aside from the costs and problem of recovering the data.
At a minimum, first, make sure you back up all critical data remotely. Second, monitor employee’s usage of data. Simple content filtering software can detect not only when employees are visiting inappropriate sites, but also detect if they delete or alter large amounts of data--all signs that something could be amiss. And finally, it’s worth a little bit of money to find a good employment attorney to help you craft various policies on using and accessing confidential information.