Last week, social networking site LinkedIn and online dating site eHarmony announced that recent breaches of their data security measures may have compromised millions of their customers’ online accounts. Although attacks on such high-profile businesses grab headlines, small businesses are being victimized with increasing frequency.

Despite being at increasingly greater risk, a recent study found that the majority of small business owners do not feel that their sensitive customer and employee data is vulnerable to a security breach. The study also found that a large percentage of small businesses are not implementing basic security measures to ensure the safety of their sensitive employee and customer data.

Of the 501 small business owners with fewer than 50 employees who participated in The Hartford Small Business Data Protection Survey, 85 percent said they believed a breach of their data security measures was unlikely. Yet less than half said they were employing anything more than the most basic security measures to safeguard their data.

The Hartford’s assistant vice president of small commercial underwriting Lynn LaGram said, “Most of the business owners surveyed believe they are not at risk, when in fact smaller businesses are increasingly being targeted. As cyber criminals set their sights on smaller firms, it is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach.”

Of the small business owners who participated in the survey, only 79 percent said that they routinely restrict employee access to their sensitive data and only 53 percent said that they shred and securely dispose of employee, customer and patient data. Less than half (48 percent) said that they employ password protection and data encryption measures. Less than 50 percent said that they use firewalls to prevent hackers from gaining access to their data, and 66 percent said that their businesses have no privacy policy at all.

In stark contrast, 61 percent of participants said they believe a breach of their data security would jeopardize their relationships with employees, patients and customers. Thirty-four percent said it would be difficult for them to comply with data breach notifications laws.

Cloudmark messaging security firm senior researcher Mary Landesman said, “When somebody has the keys to your business and personal kingdom, that gives them all sorts of powerful information. They might be able to use it for years.”

LaGram said, “Given the potential business and reputational costs of a data breach, it’s also important for business owners to have insurance in place to help them respond and recover quickly and effectively in the event of a breach.”


“Small Business Owners — Despite Being Increasingly Targeted — Believe Data Breach Unlikely” June 6, 2012

Jim Finkle and Jennifer Saba. “LinkedIn, eHarmony suffer data breaches” June 7, 2012

Verizon Data Breach Investigations Report

(Visited 55 times, 1 visits today)