How small businesses can keep their data secure

In the age of technology, it can be harder than ever to keep your data safe. Not only that, it’s also more important than ever to secure your data. However, your small business likely does not have the same resources to put toward data protection as larger competitors, which can easily invite catastrophe. However, if you know how to use the resources that you do have, you can easily secure your data without breaking the bank. To help you do so, we’ll let you know where it’s worth spending your money to give you the maximum security at the minimum cost.

small businesses data secure

Cloud storage

Ah, yes, the mysterious cloud. This is a storage place for all your data, but it offers many more benefits than your traditional file-saving system. For cloud storage providers, keeping your data safe is their entire job. By investing in cloud storage, you ensure that your files will be secure so that you can spend your own time and energy elsewhere. You would also be able to access your files from any device, and if you ever experience the great travesty that is file loss, you can simply access the backup version that is stored on the cloud.

Secure payments systems

Taking payments online can be a risky business, so you have to make sure that the proper precautions are in place. Not only are you protecting your own data in this case, you are also protecting your customer’s data, so you could get into serious trouble if it’s not properly secured. Encryption should be used to ensure that your data isn’t compromised, and hiring a service that will keep watch for possible fraudulent activity is a good precaution.

The page where payments are collected should be secure, as indicated by a padlock symbol and the “https://” at the beginning of your URL. This means that you will have to set up an SSL certificate for your website, but it will protect your client’s data.

Your login page should at the very least ask for an email and password to protect against hackers. This page should also include a CAPTCHA, as should your forgot password and contact pages. Even though these might be annoying to consumers, they’re a necessary safety precaution to prevent common hacking procedures.

When, finally, the customer would like to make a purchase, only collect the most pertinent information from them. That’s less information that can be stolen, and less vulnerability for you. You should only be asking for their name, address, phone number, billing address, and payment information. Be sure not to save this information any longer than you need to. Not only does saving the information make you and your customer more vulnerable, it’s also in violation of PCI compliance regulations, all of which you should consider when accepting payments online. Even if the customer creates an account on your website, the information should be saved away on a PCI DSS compliant gateway.


A firewall is a sort of catch-all for cybersecurity — it’s a series of programs used to keep outsiders from penetrating your private network. This is an essential for every business, no matter how small, since it’s the first line of defense against any shady cyber-activity — even the FCC includes it in their list of recommendations for the cybersecurity of small to medium businesses. Some firewall software is even free, leaving you with absolutely no reason not to use it. If you want a little extra out of your firewall system, you might consider installing internal firewalls to provide extra protection. Don’t overlook your employees’ home networks — they should also have firewalls, if they’re going to work from home, meaning that you may have to provide firewall software and tech support to ensure that they follow this rule.

General best practices

Fortunately, it doesn’t cost anything to be cautious, just some extra time and energy. Remember that you’re not the only one who handles sensitive data — your employees may also come into contact with it, so you are responsible for educating them about how to handle it. All paper trails that may contain customer information should be securely disposed of, and even online, they should be cautious with the use of data. Training in this matter should be continuous, and there should be occasional evaluations to ensure that none of your employees are getting lazy when it comes to cybersecurity.

You should change your own passwords frequently, and encourage your customers to do the same. Each password should be as long and complicated as possible — though this is often not very long and not very complicated, since it also has to be easy to remember. One tip for those who have to change passwords frequently is to simply add the year onto your previous password, or the month and the year if you’d like to change your password before a year is up. However you choose to do it, make sure that your passwords are as secure as possible.

Cybersecurity is all about having layers upon layers of protection, so it isn’t enough to simply have a secure password. You should also layer on top of that multi-factor identification, a process through which the person who is logging in has to confirm that it is truly them on their cell phone. That way even if a thief can exploit the password, it is less likely that they will be able to get past the multi-factor identification as well.

Cybersecurity is far from easy, and it is far from cheap, so it can be challenging as a small business to keep your data secure. Use all the protection that you can get, constantly be educating yourself and your employees about the matter, and always stay vigilant when it comes to your data. You may still experience a breach — these things happen — but at least you’ll know that you did all you could to prevent it.

This is a sponsored post for Dropbox. All opinions are my own. Dropbox is not affiliated with nor endorses any other products or services mentioned.

Don't miss