Security and Continuity of Business
You provide a lot of sensitive information to your digital marketing company. Is your information safe and secure? What about continuity of business when the unthinkable happens? Learn about things you should ask your digital marketing company about how they manage your information, data, and assets.
Hackers, Thieves, and Disasters
Protecting sensitive information is a critical, but often overlooked, part of running a business. This is especially true when you rely on vendors to protect your company data, trade secrets, and billing information. Whether you conduct business online, from a brick and mortar location, or your home there are continual risks of critical data, files, and personal information becoming compromised.
If you Fail to Plan, You Plan to Fail
Do you or your digital marketing agency have an established protocol or plans for emergency action. If a problem occurs, what type of response or corrective actions can you anticipate?
It’s unbelievably common that business people never ask their digital marketing agency how their information is protected. If you have, and received a quick casual answer (or no answer!) you should be concerned.
Instances of Continuity of Business Failures and Personal Financial Harm occur every day. Imagine the fallout if your personal data, company information, email services, website hosting or files were to be compromised, fraudulently used, or destroyed. Do you have a plan?
Common Threats to Your Business and Personal Assets
Ask any business insurance agent and they can tell you countless stories of how unexpected events caused major problems for their customers. Do you think that because you run a small business these things probably won’t happen to you? Read on…
The security website StrongDM recently published and article titled, “35 Alarming Small Business Cybersecurity Statistics for 2023”. Among the startling statistics are:
- 46% of all cyber breaches impact businesses with fewer than 1,000 employees.
- 61% of SMBs were the target of a Cyberattack in 2021.
- 95% of cybersecurity incidents at SMBs cost between $826 and $653,587.
- 55% of people in the U.S. would be less likely to continue doing business with companies that are breached.
The information above introduces problems from only cybersecurity. Consider that the world of threats and risks further includes the following:
- Natural Disasters: lightning, fires, floods, earthquakes, hurricanes and tornadoes.
- Acts of Terrorism: domestic terrorists burning building, detonating bombs, looting, and manually destroying property.
- Burglary and Theft: business and home burglary, auto burglary, armed robbery, cleaning crews and employee theft.
- Hackers: cyber theft, ransomware, phishing, malicious server hacking, WordPress hackers, WordPress brute force attacks.
- Miscellaneous: Somebody loses a phone or laptop, records placed in trash (not destroyed), computers and copiers discarded without wiping hard drives.
Emergency Backup and Recovery Protocol
The best service providers (i.e., GoDaddy) have an entire network of servers with continual backups. Regardless, your digital marketing agency should maintain current backup copies of your website and blog. Generally speaking, your digital marketing company should be able to recover from most any disaster in a relatively prompt time frame.
If you work wth a small agency you should have login information for critical services and assets. Having that information is yet another facet to continuity of business planning.
Best Practices for a Digital Marketing Agency
- No Cloud Based Storage. Backups in the cloud mean data and information is vulnerable to attacks from anywhere in the world. We don’t do it.
- Retention of Credit Card Information. Beyond services which require you to have a payment method on file (which is a risk) there is simply no good reason to have someone’s card information in a file folder, on a laptop, or otherwise loosely saved. We don’t do it.
- Destruction of Records. Most companies simply put documents into their trash receptacles. The cleaning crew, which has full access to the information, tosses the information into the trash. Most anyone can access the trash and find a treasure trove of company information – financial, sales, customer info, trade secrets, etc. We incinerate all sensitive documents and information.
- Need-To-Know Basis. Client information should not be stored in a general database or paper file system. There should be oversight and control of who gets information and what info that person receives. Changing passwords when an employee leaves is a best practice. We do these things.
- Monitor and Block Threats From general server traffic to WordPress websites, a best practice is to block countries, IP addresses and domains that are a nuisance or perceived/known security threat. Note: done incorrectly, this could cause problems with certain services. We do these things.
- Wiping Hard Drives. In addition to computers, copiers also have hard drives (memory). Any equipment discarded or taken out of service should have the hard drive wiped clean or (if needed for records) removed and stored in a vault.
- Backups to Backups Whether it’s routine website backup files, customer management records or accounting information, it’s a best practice to have an electronic backup stored securely in at least two different locations. We utilize external hard drives, password protected, stored in fireproof safes.
Things You Should Ponder…or Ask
Many people have become far to comfortable carrying phones, tablets and laptops loaded with large amounts of sensitive information…some with your information. What would happen if the loast their phone, had it stolen, or simply left it somewhere?
If a company went out of business, what happens to your information? Can you get the information you need?
How big of a problem could it be operationally or financially if you find yourself dealing with your information being lost, misused, or stolen?
Does your marketing agency take seriously the need for security measures and planning? Are you uncomfortable working with an agency that doesn’t actively protect your information? If so, give us a call to upgrade the level of services you need and should be getting now.
CREDITS and FOOTNOTES
- Photo by Tima Miroshnichenko available at Pexels.com