NovaBACKUP Security Blog

Top 6 Threats to Small Business Data Security


As National Small Business Week takes place (April 29 – May 5) it serves as a welcome reminder of the obstacles that small businesses must overcome to not only survive, but to grow and flourish. The role of data-protection in this process is not a minor one. Accordingly we bring you the top threats to small business data security:

1. Employee Negligence
Possibly the biggest positive impact to securing your critical data can be employee awareness training for modern security threats. Opening malicious attachments, clicking dangerous advertising links, and weak passwords all pose commonly exploited risks. Conduct security training at the time of hire, regular company-wide training, and attack simulation. Require regular password changes and enable two-factor authentication for additional security.

2. Ransomware / Malware
Your employee training should conform to a strict security policy which you’ve created in advance. But unsupported operating systems, unauthorized software and inadequate patch management also create ripe opportunity for malicious code to take hold. Automatically update and patch your systems. Download NovaStor’s complete Ransomware Prevention Checklist today to cover all your bases.

3. Bring-Your-Own-Device (BYOD)
More and more employees are bringing their own devices to work where they are storing important data. Are these devices under the control of your Systems Admin? A BYOD policy which includes, encryption and remote backup is critical. Create a plan of action in the event that a device is lost or stolen.

4. Lack of a SysAdmin
Small businesses often struggle with both security budget, and numerous shared responsibilities among employees.  This can mean that suspicious activity or breaches may be taking place on the network, and nobody is monitoring these events. Whether it is a single body, or multiple people managing the IT at your business – make it clear who must be aware of new threats and implement as well as enforce safeguards.

5. Ineffective Disaster Recovery Plan
Sure, most small businesses are backing up some data in some form or another. But does this mean that there is a clear plan of action in the event of catastrophic data loss? What is the level of confidence that you can get back to “business as usual” within a reasonable time frame. Creating a practical backup strategy (download NovaStor’s guide here) and regular testing of data restorability is a must.

6. Unlimited Access
Many small businesses seem to are either unaware or don’t understand the danger of giving all employees unlimited access to data. Access should be restricted to the minimum required for them to function in their position. Understand where the most sensitive data is kept, and how it is accessed by which specific employees.

We know there are many more, and that recovery for small businesses can be a daunting task. Have you recently overcome a roadblock to the protection of your critical data? Let us know in the comments section. As always, stay vigilant and educate your users.