Have you been thinking about security lately? You should. Small businesses are increasingly becoming the victims of crimes all over the world and in New Zealand, unfortunately, it’s not different.
The main reason why is because usually small businesses think because they are too small, they wouldn’t be a target, but criminals, apparently, don’t agree as they see the small businesses as easy targets and, consequently, the reports of attacks on small businesses have been on the rise.
The risks might increase according to the size of the business, but it doesn’t diminish just because you think you’re small. We all can be targets, no matter what our size is.
Nowadays, being safe is one of the biggest worries in any entrepreneur list of concerns, because any crime can be devastating on business survival.
According to a Security Magazine, only 31 per cent of small businesses take active measures to guard themselves against security breaches, 41 per cent are unaware of the risks accrued with the human error, and only 22 per cent are willing to improve the security measures in comparison to the previous year.
What’s more, security breaches hurt small businesses the most: more than 70 per cent of attacks target on small businesses and it is estimated that 60 per cent of hacked SMBs goes out of business only after six months.
The good news is: being aware of your vulnerabilities and acting soon is your best weapon to prevent such incidents.
Our Security Technicians and Consultants have large experience in dealing with all sizes of businesses and they have listed the main vulnerabilities and 12 Security Tips to Protect Small Businesses.
The Main Small Businesses Vulnerabilities
LACK OF AWARENESS
It might sound a bit repetitive as we already shared other posts where we strongly advise you to be aware of your vulnerabilities (here and here), but this is a common point amongst our security technicians and consultants that the first step is to evaluate your own building and business and look for your weaknesses. Make a list now (and use our Security Check Tool)!
WEAK PASSWORDS
Most people don’t realise but passwords are serious things and not paying attention to this choice of characters can be a disaster as a weak password (or an obvious combination) can be an invitation to security breaches and cyber attacks (read our last post about this).
A study of 61 million leaked passwords by Virginia Tech University and security firm Dashlane has revealed the most common passwords of the last year and, believe: the criminals know it and they will use them!
SOFTWARE OUT OF DATE
It is common that businesses don’t update their software, relying on old systems out of date and unprotected, making them vulnerable to unwanted access, virus and cyber attacks. Not only your computer or mobile system should be updated to protect them, but also your security systems require that they are updated. Some security companies can perform preventive and ongoing maintenance to prevent this problem.
NO BACK-UP
Information is gold and losing data/information can be a huge disaster for businesses. Many companies don’t have a full and updated copy of their data and they only realise it when something happens to their computers and servers and they lose everything. Establish dates to back-up all your business information in a safe place.
UNCONTROLLED ACCESS
Have you ever considered that not everyone should access all areas of your business? The security problems can be caused by allowing everyone to have easy access to your building, like unwanted people accessing sensitive areas, or even allowing your staff and suppliers accessing the building during periods of time they shouldn’t.
What’s more, not everyone should be able to access the same places (e.g. the receptionist need to access the showroom or the main office entrance but not the warehouse or the production area, for example). Make a list of all your employees and establish which one should access which areas and at what days and times. Reviews it from time to time.
BLIND SPOTS
Some areas of your business can be vulnerable as they are located in hidden or blind spots, allowing burglaries and another unwanted behaviour to happen without notice (e.g. an isle hidden from the view or a very distant and unspotted corner). Moving furniture and objects or installing a security camera can mitigate this risk.
UWANTED BEHAVIOUR
Have you ever wondered if your staff are following your Health & Safety instructions and the procedures to make sure your quality standards of customer service are being kept? Sometimes we get it for granted but “We are what we repeatedly do. Excellence, then, is not an act, but a habit.”
While it is hard to keep an eye 24x7 in your business, it is even harder to track all your employees actions, but you must diminish the risks of failures, non-compliance and unwanted behaviour by training, updating and reinforcing positive behaviour as much as you can.
HUMAN ERROR
Did you also know that the majority of the security incidents are due to human error, even more than malicious cyber incidents? They are more common than we usually think and, usually, they could be simply avoided by adopting training, procedures and other measures.
NO EMERGENCY PLAN
Do you and your staff know how to proceed in case of theft, burglary or any security emergency? If your answer is “no” or if you slightly hesitated to answer it, you should consider creating or reviewing your emergency plans (and paying extra attention to the council’s regulations).
It's worth spending a few days and hours training and sharing it with your staff to keep it up to date (don’t forget to keep a record on your training and the instructions and make them accessible to everyone).
DAYLIGHT SURVEILLANCE
Usually business owners take measures to protect business after hours, which is good, but not enough. What they forget is that owning a small business means that your attention will be divided amongst many tasks during all times. It means that you cannot be supervising your staff, premises, procedures and compliance with Health & Safety at all times, but there are means of doing this without requiring your personal supervision.
Usually, electronic security equipment and systems can do many of those surveillance and support such as controlling access to sensitive areas, recording via CCTV the unspotted areas, blacklisting customers or marking them as VIPs using facial recognition technology and so much more.
How to Prevent Loss and Security Incidents?
Loss Prevention is the concept of establishing policies, procedures and business practices to prevent the loss of inventory or monies.
Developing a program around this concept will help you to reduce the opportunities that these losses can occur and more specifically, work to prevent the loss rather than solely be reactive to them after they occur.
Read more about Loss Prevention.
A few questions to ask yourself and try to work on your vulnerabilities (and some examples were listed above) are:
- “What are your employees are doing when you are not there?”
- “Where are they?”, “Is this place protected or under surveillance?”
- “Are there any risks?”
- “How to avoid them and what to do?”
Here are the main tips our security consultants wanted to share with small businesses owners and managers.
12 Security Tips to Protect Small Businesses:
- Work on your vulnerabilities: for every vulnerability you listed, come up with as many possible solutions as you can (if you don’t know how to deal with them, you can always rely on professional advice).
- Act soon: don’t wait until something happens in order to start acting. The sooner, the better. Prevention, again, is better than the remedy. Don’t delay your actions. Every day count: your risks just increase, the potential losses can turn into real losses and the problems that may occur can multiply exponentially. Don’t forget: why not taking care of a vulnerability today if you know that it can become a huge problem tomorrow?
- Be obsessed with your Passwords Management: only use strong passwords (passwords should always exceed the minimum of eight characters, and include a mixture of case-sensitive letters, numbers, and special symbols, avoiding obvious choices), use different passwords for every application or system, update them regularly, turn on two-factor authentication in as many systems as possible, use biometrics as much as you can, use only secure networks and log-off and sign out (or lock the company devices after being inactive for a while), regularly. And check these tips to protect your passwords.
- Update your systems on a regular basis: keep a list of your software and make sure they are updated on a regular basis. Try to monitor them and check for updates every month. Again, you can rely on professional services to update and upgrade your security systems.
- Back-up: it’s important to keep a copy of all your data in a safe place on a regular basis. Make sure you have a remote back-up in a reliable service provider (cloud storage usually does a very handy job).
- Protect your Doors: they are are the main contact to the external world and you don’t want the wrong people to come and go, especially after hours (install electronic locks, security alarms and CCTV security cameras for an extra protection 24x7). Implement these tips on how to protect your doors.
- Control the Access: establishing policies and procedures on who, when and where your staff, suppliers and customers can or cannot access to avoid unauthorized access to sensitive areas (you can also install an access card system to grant access only to authorized people).
- Train your Team: establish your standards (Processes, Procedures, Customer Service and Health & Safety), write them down to make it clear, print them, make them an easily accessible, and train your team to make sure they understand, support and implement it. Some CCTV cameras can be very useful to keep an eye on the business and staff to check if they are following the procedures (and also can help you with any insurance claims).
- Keep an eye on your staff: check if they are following all the procedures established, register it, correct the mistakes and compliment the good attitudes, train again if necessary and make it an item to be constantly verified. You can also use cameras and access control systems to give you extra help (e.g. Smart Shopping Assistance, Absent Clerk Detection, Incident Management, Staff Adhesion to Guidelines, Customer Service Performance and others).
- Don’t get lost in too many things: you can start from the things that are easier for you to solve, and the ones that are more critical to your business and staff safety. Prioritize all the tasks and keep them going. The important thing is: knowing your vulnerabilities, mitigate the risks and have an action plan.
- Review Constantly: unfortunately, this kind of job is never done. You must review it everyday, in order to be ahead of your vulnerabilities and don't let your old risks grow or new ones to reach you. Keep up the good work!
- Rely on Experts: doesn’t matter the size of the company, it is impossible to have every possible vulnerability and risk covered. The good thing is: you can rely on professional support and equipmentto help you and hassle-free your operations.
Conclusion
Using a smart combination of the right knowledge, training, tools and safety measures is the key success to protect your building, business, people and assets and avoid losses. What’s more: it can mitigate unnecessary risks.
Sooner is better than later, so it’s really important to start now.