Privacy is Big Business for Small and Mid-Size Businesses

Sandra Namatovu our consultant managing the role
Posting date: 11/14/2019 10:20 AM
If you’re a small to mid-size business and think cyber criminals only go after big business; think again. It’s just as important, if not more important for you to have privacy plans in place. This goes way beyond GDPR and state-to-state rules, this is about how you care for your customers personal information. The return on investment will set the tone for future years of your business. After all, according to a 2018 report by Verizon, 58% of cyber-attacks targeted small business.

While it may seem counter-intuitive and larger businesses are bigger fish to go after, they can be difficult to get into. After all, they’ve got the resources to protect their customer’s Data and are hyper aware of what it can be to their business if they don’t. Smaller and mid-size businesses generally don’t have the resources of the larger businesses, and may not focus on cybersecurity like they should which leaves their business wide open for cybercriminals.

Chinks in the Armor of Your Data


Cybercriminals excel at finding “chinks in the armor” of your Data. They’ll use any advantage to break in from the usual hacking and malware to physical breaches. One improperly secured device can be just the entry they need into your entire system. 

What can you do?

  • Be focused in your approach to Data security. Many small businesses tend to put out fires, rather than have a focused strategy. And each approach to tighten security can lead to more opportunity for hacking.
  • Communicate your strategy to every member of your team. Something as small as clicking on the wrong link can lead to a Data breach.
  • Train your staff on measures they can take such as to not click on a link they’re not expecting, to check email addresses and ensure they’re approved or white-listed as okay to access. The more aware your staff are, the better able they’ll be able to help ensure the security of your business’ Data.

While staff may be on the front lines, this also requires a commitment from senior executives as well. Understand that just because you’re not dealing in billions of dollars, you may actually be at greater risk. Why? Because unlike the larger companies, your business may not survive the fallout of a cyber-attack.

How to Protect Your SMB


You can protect your business by creating a Data Security Strategy and consider the following:

  • Encrypt your data;
  • Authenticate your users by either a 2-step verification process or having them enter some kind of code;
  • Authorize access to trusted sources.

Encrypting Data helps protect the private and sensitive information and makes it unreadable without the correct key. To ensure only those who are trusted sources have access is through authentication. 

Authentication can include username/password, code, tokens, phone number, and image association such as click only the boxes with pictures of street lights or stop signs. This helps your business control who has access and gives you tighter rein over who sees sensitive information and what they can do with it. 

By defining the rules and regulations of access to information, training your employees to be aware and what to do to ensure security, you can strike a balance of increased security and transparency to your customers. In other words, the efforts you go through to protect their Data will put you ahead of the competition as you make inroads toward a Data privacy strategy while others take action as things happen.

One Final Thought


Ensuring your business’ Data is protected and detecting times when it may have been breached is increasingly important to help minimize damage. One issue SMBs face is that it may take longer to detect if there isn’t a Data security plan in place. The more quickly you can detect an issue, the more quickly you can reduce its impact and the more quickly and effectively you can respond, the better. 

Interestingly, smaller businesses tend to have a better overall picture of their assets than larger businesses. This can be a boon when you communicate your new cybersecurity strategy to your teams and offers a significant return on investment of your resources.

If you’re interested in Big Data and Analytics, we may have a role for you. Take a look at our current vacancies or contact one of our recruitment consultants to learn more. 

For our West Coast Team, call (415) 614 - 4999 or send an email to sanfraninfo@harnham.com

For our Mid-West and East Coast Teams, call (212) 796 - 6070 or send an email to newyorkinfo@harnham.com.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out our recent posts below.