If a newly released survey is any indication, publicized data breaches aren’t enough to prompt small businesses to better protect their customer or employee data.
A survey released this week by The Hartford found 85 percent of small business owners believe a data breach is unlikely and often lacked even basic measures to secure sensitive data.
“Most of the business owners surveyed believe they are not at risk, when in fact smaller businesses are increasingly being targeted,” said Lynn LaGram, the assistant vice president of small commercial underwriting at The Hartford, in a prepared statement. “As cyber criminals set their sights on smaller firms, it is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach.”
The Hartford Small Business Data Protection Survey is based on feedback from 501 U.S. small business owners with fewer than 50 employees. It was developed by The Hartford and fielded by the Pert Group earlier this year.
The findings show in many instances less than half of all surveyed businesses adopted best practices to reduce the risk of a successful attack.
Consider that only:
- 48 percent lock and secure sensitive customer, patient or employee data
- 53 percent shred and securely dispose of customer, patient or employee data
- 48 percent use password protection and data encryption
- 44 percent had a privacy policy
- 47 percent update systems and software on a regular basis
- 48 percent use firewalls to control access and lock out hackers
- 41 percent ensure secure remote access to their network
Interestingly, the vast majority – 79 percent – did say they restrict employee access to sensitive data.
“The Hartford survey also found that nearly two-thirds of business owners (61 percent) believe a data breach violates trust and would jeopardize their relationships with customers, patients and employees. More than a third (38 percent) say they have a more negative opinion of companies that have recently experienced a breach, based on the companies’ handling of the breach,” according to a news release.
“About a third of business owners (34 percent) say they would have difficulty complying with government notification requirements, and nearly half (47 percent) acknowledge it would be impossible for a small business to completely safeguard customer, patient or employee data.”