May 18, 2017

Why All Small Businesses Need a Data Security Policy – and How to Implement One

Small businesses often think they’re not big or important enough for information thieves to bother with... but that’s not what the research shows.

Close to half (43%) of cyber attacks on businesses worldwide in 2015 were against companies with less than 250 employees, up from 18% in 2011, according to the 2016 Internet Security Threat Report by Symantec. A 2016 Ponemon report on small business data security showed that 55% of respondents experienced a cyber attack in the previous 12 months, and 50% had data breaches involving customer and employee information.

In fact, most small and medium sized companies collect and store confidential data about employees, customers, and the company itself. Information thieves sell this kind of information on the dark web or use it to commit identity theft and other crimes.

For a small business, a data breach can come with crippling costs. According to Ponemon, the average cost of a data breach involving theft of assets cost these companies $879,582. Plus, after an attack, they had to spend an average of $955,429 more to get their business back to normal.

Here are the important steps to take to create an information security policy for small business.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.