Seven actions you can take to make your business more secure
Physical and cyber crime is rising – as is the cost to businesses. Discover seven actions you can take to make your business more secure.
It doesn’t matter how large or small your business is, keeping it safe should be front of mind at all times. Just as you wouldn’t go to bed without checking your home was secure, or drive to work leaving your front door and windows wide open, securing your business and preventing losses needs to be a priority.
Protecting your business has many benefits besides reducing revenue and data loss. A physical or cyberattack can damage your reputation and cause clients, customers and suppliers to lose confidence in you.
Cyberattacks also have the potential to leave your company in breach of GDPR regulations. Asides from hefty fines, you also risk major loss of confidence in your business if you fail to fully secure your digital systems.
Seven actions you can take to make your business more secure
So how can you better protect your business from external and internal threats? Here are seven actions you can take to make your business more secure.
1) Assess the risks
Your very first step to protect your business (if you haven’t done so already) should be a risk assessment to test how secure your business is from criminal attack. This should include an audit of your physical locks, access points, alarms and keyholders.
You need to keep records of when these are checked (whether that’s annually, quarterly or biannually) and maintain records of staff members who hold keys and swipe cards.
This is important as some insurance companies require records to be kept in the event of a break in. You may not be covered if it is found that you have not performed requisite tests on alarms and fire safety tests on a regular basis, with an up-to-date risk assessments and points which have been actioned.
In protecting your business from criminal activities, it helps to be mindful of other business areas. And you can also extend the audit activity to your account books, especially because proper risk assessment is supposed to be extensive.
This is particularly important if your company deals in a sector that demands exclusive financial reporting. The last thing you want to happen is to realise a significant sum of company money siphoned by staff with criminal tendencies. You can mitigate this and secure your business better with specialised auditing services.
Meanwhile, companies should protect not only their finances but as well as confidential information from unauthorized access. This is why cloud service, SaaS and other technology-based providers undergo soc 2 auditing to ensure security from illegal data transmissions.
2) Install CCTV
While break-ins are not generally commonplace, small and medium-sized businesses are more vulnerable than larger organisations, and thieves are opportunists and will choose soft target businesses which are the least secure.
Installing and monitoring CCTV will both deter potential thieves and help with their prosecution if a break-in takes place.
3) Have visible locks and alarms
Demonstrating to thieves that it’s not worth their while trying to break into your premises can be as simple as choosing locks which are visibly on display.
These should be your first line of defence as well as sign posting any other security measures in place which are not visible, such as alarms which are linked up to private security response teams or your local police station.
4) Use motion-activated lighting
Motion-activated lighting gives a surprise element to your security and acts as a greater deterrent to opportunistic thieves. You also need good lighting to trace people using CCTV evidence.
5) Control access
Controlling who has access to enter and leave your property, and indeed different areas of it, with access control systems for offices is fundamental to your security. This prevents unauthorised access by unknown individuals and keeps sensitive areas more secure.
When members of staff leave or change position, their security clearance should be reviewed. Access to online systems should also be also monitored closely, and be via single user access and password credentials.
This access to online systems should also be reviewed regularly to prevent malicious damage or unauthorised access to networks when an employee’s status changes.
6) Implement policies to reduce fraud
Identity theft is a growing problem for people and businesses. In tough economic times it is an ever-growing temptation for external criminals – and sometimes even internal criminals.
It’s always wise not to underestimate the opportunities that exist for fraud. This means ensuring that all sensitive business information is securely incinerated or shredded, and that all employees operate a clear desk policy to prevent sensitive data and information falling into the wrong hands.
Credit card fraud is also becoming increasingly common, so you may want to educate yourself on some common detection techniques to help minimize your fraud risk.
7) Secure your systems and data
It’s vital that default credentials are altered for all systems when they’re installed, and you ensure that all employees have individual accounts which require passwords to be changed regularly.
Make sure your WiFi network is fully secured and hidden using appropriate firewall technology and proxy servers. And audit any devices and tablets your staff use to ensure that they have appropriate security software and are encrypted and regularly backed up to a secure cloud system.
Should they fall into the wrong hands, data encryption is vital to avoid identity theft and loss of customer and employee data which could lead to identity fraud.
Prevention is always better than cure
A Ponemon Institute study in July 2018 reported in its “cost of data breach study”, sponsored by IBM, that the average cost to a business from cyber crime was $3.86 million worldwide – a 6.4% increase from the 2017 report.
Indeed, according to Startupbizhub around 800,000 businesses have applied for bankruptcy due to crime, and this figure is rising. And sadly, startup businesses are particularly vulnerable to the financial impact from crime because often they haven’t future-proofed their business against it, assuming it will never happen to them.
So, while cyber and physical attacks on businesses are the exception rather than the rule, it’s still critical that invest in your security and put strategies in place to prevent crime. And, rather than becoming a statistic (and having to take drastic remedial action following a cyber or physical attack) you’re as prepared as you can be with appropriate security measures in place.
STANLEY Security specialises in security solutions that are tailored to the specific needs of customers across multiple sectors, from large ICT organisations to pharmaceutical companies, banking and retail. They have offices in Dublin, Belfast and London.
Photo by Masaaki Komori