Many home-based businesses, remote workers, and other small companies think they are safe from information thieves and fraudsters, assuming that these criminals mostly target large corporations and multinationals.
But that’s unfortunately not how it works.
Almost one third (30%) of fraud cases occurred in small businesses, according to the 2016 Global Fraud Study by the Association of Certified Fraud Examiners (ACFE). Small businesses suffered the same median fraud loss ($150,000) as organizations with 10,000 plus employees – and 60% of small-business fraud victims didn’t recover any of their losses.
With this in mind, small businesses must stay up-to-date on security news, privacy legislation, and trends in document security.
Here are 7 ways to stay in the know:
- Conferences and events. Take part in events, for example, the International Fraud Awareness Week being held November 12-18. The goal of the global event is to minimize the impact of fraud by highlighting anti-fraud awareness and education. Small businesses are encouraged to host training opportunities and talks, distribute anti-fraud information, and share security intelligence.
- Employ security experts. Appoint someone to be in charge of security and to keep up-to-date with industry trends. Fraud Awareness Week is a good time to invite discussion with peers, coworkers, executives, and stakeholders in the community. Educate employees by providing on-going security training that highlights safeguarding confidential information and security best practices. All of this activity promotes a culture of security in the workplace.
- News sources and trends reports. Stay current on news that can affect small businesses. Security news sources include the SANS Internet Storm Center as well as Threatpost, Naked Security, FireEye, and Security Street. The European Union Agency for Network and Information Security and the U.S. Department of Homeland Security publish regulatory and policymaking content.
- Take to social media – and industry influencers. Twitter, Facebook, and other social media can be helpful in knowing what is going on in the security landscape. This is also the place to share security intelligence and to exchange information and solutions about your company’s security activities.
- Real time safeguards. Invest in physical safeguards like closed circuit television, a visible warning to thieves that premises are monitored. Equip hard drives with the latest and best IT safeguards and be sure to activate automatic updating and patching. Partner with a document destruction company as well so that destruction best practices (locked consoles, secure destruction) are embedded into the workplace.
- Audits. Perform regular security audits to identify weak spots in current controls – and solutions. Companies in certain industries (financial institutions for example) are required to have external auditors certify compliance with privacy regulations. Customers and business partners may need to see security audit results before they do business with your company.
- Business partners. Partner with third parties who make it their business to stay up-to-date about privacy laws that affect industry. For example, Shred-it, a global leader in information security and workplace privacy helps businesses in a wide range of industries and sectors to protect their confidential information. The company provides information about privacy laws and legislation as well as workplace best practices that relate to safeguarding printed and digital data.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.