7 Tips for Small Businesses to Protect Company Data

By David Zimmerman, CEO of LC Technology International

Flip through any business or marketing magazine and it’s likely you’ll see articles touting the value of data. Information is often the most valuable resource for businesses of any size, and for a small firm the management and safeguarding of this data is of paramount importance. Small companies should try to replicate the best practices of forward-thinking enterprises when it comes to data protection. If they don’t, then there’s the risk of catastrophic loss and damaged customer trust. Here are seven tactics small businesses should employ:

1. Write and follow a data protection and management plan. Smaller businesses can often operate as informal organizations, with each staff member behaving as a “jack of all trades.” This attitude can be useful for acquiring customers and putting in the extra effort, but it doesn’t work for data management. Small business managers should develop written plans that detail what kinds of data the organization holds, how it will be stored, and when and how it should be used. You have to consider all of the possible sources of data, from customer surveys to email content, even customer service transcripts. The written plan should delegate responsibility. For example, it should detail who is responsible for data backups and which staff members can access the most sensitive data.
2. Organize the data in a central place. Finding out the “what” types of data leads to determining the “where” it should be stored. You need a centralized place to keep the information so it is less likely to be mismanaged and it can be more easily dissected. Even small companies should try to find insights out of data by looking at customer attributes or buying habits that can help it operate more efficiently. Centralized management processes should be described in detail in the written plan, so staff know exactly where to place and find the data they need.
3. Call for backup. Storage for data is quickly moving to the cloud, with such storage becoming more reliable and less expensive. Small businesses should utilize the public cloud, but consider a private cloud or on-premises storage for the most sensitive data. It’s always smart to have “backups of the backups” to ensure data is always protected. Cloud storage and physical portable hard drives are both cheap options that can be used in tandem for backups. Physical storage is also important for times when staff cannot access the cloud due to internet connectivity issues.
4. Stay in compliance with the law. Security breaches such as the one affecting Target can have a big impact on a company’s bottom line and branding. A small business that doesn’t have billions in capital can’t likely survive such a breach. Following compliance rules closely is one way to lower the risk. As a small business collects what’s known as “personally identifiable information”, it has certain compliance obligations that must be followed. The written plan should include information about pertinent compliance rules and how the organization has processes in place to ensure compliance.
5. Keep control of your information. Small businesses typically try to grow quickly, which means new staff members and shifting roles and responsibilities. As new employees come on board, and old ones depart, make sure control of data isn’t shifted. You don’t want a disgruntled former employee to share confidential information, so be sure data access is immediately revoked when employees leave. You should also put in controls to limit the downloading of data to USB drives or laptops. It’s a balancing act between allowing the data to be used for business purposes and controlling its usage for the sake of safety.
6. Use care with any devices. If your small business operations requires frequent use of portable devices or hard drives, then you have to manage this “remote” data. If you are capturing video and photo content on SD cards (the ones in digital cameras), then you should understand these cards are fragile and should be handled gently. Staff members using portable hard drives should also take care to not get them wet, put them in the trunk of a hot car, or leave them in a cab.
7. In case of emergency, use an expert. Even with all the safeguards in place, data that is stored on physical devices can still fail. You have to account for human error or simple accidents. If you have vital data on a SD card and Joe in sales spills coffee on it, then you need the help of an experienced recovery vendor. Don’t use free utilities that you find online as these are unlikely to work and are often filled with malware and other viruses. Instead, choose an established data recovery firm that will use special software to extract your data.

The management and protection of data shouldn’t be an afterthought for small businesses. Data is often the lifeblood of the organization as it contains information about customers, prospects, and products. Companies that follow best practices for data management will extract more value from it, operate more efficiently, and give themselves better odds of long-term success.

David Zimmerman has been in the hardware/software industry for over 30 years, specifically in the data recovery software market for 18 years. During this period, he has been involved in the creation; marketing and support of the earlier drive recovery software products to enter the PC market and successfully marketed them both nationally and internationally. His company LC Technology International, Inc. makes data recovery products for most of his competitors. His experience in the market has made him uniquely familiar with the data recovery business. Follow at @LCTechnologyInc.