Have you secured your data?Financial data takes multiple forms, from the accounting records that show your profits, debts, cash flow and expenses to the federal tax forms for your employees. It all needs protecting in different ways. Financial data stored online requires that you have strong virus protection, passwords, and secure firewalls and networks. You’ll also need to ensure you know exactly who has access to certain pieces of financial information and ensure it’s restricted to them. Financial data that is stored offline (in paper form, for example) must be kept under lock and key, and if you decide to make an electronic version of it, it’s essential that you put all the security measures above in place.
Have you taken out insurance?Breaches involving financial data are extremely serious. Not only will they damage your reputation, but you may also find that some customers, suppliers, or other third-parties working with your business will take legal action against you. As a result, it’s important that you have cyber security and data breach insurance for your business; it will cover the cost of forensic investigators, notifying regulators, the expense of legal proceedings and consultation, credit monitoring for your business and affected customers, as well as as compensation for any loss of income.
Do you have a plan?Nearly three-quarters of retail organizations lack a breach response plan, and if you’re one of them, it suggests that you haven’t done enough to protect your financial data. Your plan must include details of an empowered response team and their responsibilities, an escalation process, and a communication strategy, among other things.
Have you educated your team?Your security systems are only as robust as the people operating in your business, so it’s essential that your team is trained to work in ways that protect your business’s financial data. Implement regular, relevant training sessions and encourage a culture of openness; having a ‘no punishment’ policy in the case of attacks will encourage employees to report behavior that might compromise your business’s security. If employees fear reprimand, ridicule, or another negative outcome as a result of an error in judgment, they’ll be less likely to report it and your business’s financial data will be more exposed than it needs to be. These are just a few questions to ask yourself when determining whether or not your business’s financial data is protected. Read the Federal Trade’s Commission guidance on data security if you need more information.
Use Tripwire to reduce your cyber risks while automating compliance with regulatory standards.