Most of the time, little slipups won't bring the sky falling down around you. But over time, not paying attention to how you dispose of your information or how you conduct your online affairs can lead to data breaches. And as we've pointed out before, data breaches aren't cheap. At best, they cost small businesses an average of $8,699. At their worst, they force 60 percent of small businesses to close up shop within six months.
Really, that's all the incentive you should need to run a tighter ship. But where do you start? Here are some risky behaviors to watch out for.
1. Throwing out old paperwork without shredding it.
Sometimes your desk may look less like a surface and more like a paper holding cell. All those forms, documents, and files take up physical space and brain space (which can hamper productivity). You may be tempted to just throw it all away.
While that can definitely clear your desk, it also gives data thieves a buffet of tasty information. An enterprising crook might find…
- Doctor's office receipts.
- Pay stubs.
- W-4s, W-2s, or 1099s.
- Employee information.
- Bank statements.
- Client information.
Each of these items contains a plethora of personal information that could allow thieves to hack your business accounts, swipe your clients' sensitive data, and steal identities.
According to WPXI News, a Pennsylvania YMCA is in hot water for dumping hundreds of employee files in the trash, which exposed Social Security numbers, birthdays, driver's licenses, and information on W-4 tax forms and child abuse clearances. Pennsylvania's data breach laws require breached businesses to notify affected parties, but the YMCA is also planning on paying for identity-theft monitoring.
The lesson? Don't throw out your important documents or files without blacking out identifying information and shredding them first.
2. Using the same password everywhere.
If you want to take your data security seriously, you need to ditch the same-password habit stat.
If you rely on the same password for your all your accounts – online banking, social media, and business email – one hacked account could give a hacker the keys to your other castles. Bite the bullet and create complex, unique passwords for each important account. For extra credit, you should implement two-factor authentication and change your passwords regularly.
3. Using default passwords on PoS systems.
According to a Computerworld report, the 2015 Trustwave Global Security Report states point-of-sale systems are still a primary target for hackers. It's clear to see why hackers would target these systems – they store hordes of customer financial information. A veritable jackpot.
That's not the only enticing thing about PoS systems. These also have a reputation for weak security. Trustwave affirms that 56 percent of all PoS hacks were made possible by insecure remote access software and weak passwords.
Again, change your passwords regularly, and never, ever keep the factory password assigned to your PoS system.
4. Relying on one smart phone or tablet for work and personal use.
Let's face it: when you're off the clock, cyber risks may not be at the top of your mind. You're scrolling through social media feeds and probably clicking whatever links pique your interest.
But if you use the same devices for both your work and personal life, any malware you inadvertently introduce to your system could corrupt or expose your sensitive business data. If your clients are affected, you may lose client trust and their business.
Play it safe and keep separate devices for work and personal use. For more security tips, read "Running a Business from Your Smartphone? Know How to Stay Safe."
5. Copying sensitive documents on public machines.
If you've ever used a pay-by-the-page copying or printing service, know that it could cause trouble down the road. Even innocuous machines like copiers, scanners, and printers have hard drives that store digital versions of those documents.
It may be more of a hassle to use your tiny printer for big printing jobs, but it might be a better alternative to risking sensitive information falling into the wrong hands. At the same time, be careful when you want to dispose of your old scanner or printer – you'll need to wipe your data from it first. Read more on that in "How Tossing Electronics Can Turn into a Professional Liability Lawsuit."