Small businesses in general may be particularly vulnerable to data breaches of numerous kinds, which can significantly increase their need for tech insurance, and while many may be worried about hacking attacks or phishing schemes, another potentially more insidious threat comes not from without, but within.
Employees at small businesses, particularly those in younger age groups, can pose an appreciable breach threat themselves simply because they are more willing to use sensitive client or customer data for their own gains when they become disgruntled, according to a new survey from Harris Interactive conducted on behalf of identity management firm Courion. Today, 19 percent of those working in offices who are between the ages of 18 and 34 years old say that they would take customer data, price lists or product plans with them if they learned they were going to be fired or laid off in the near future. One major reason for this threat to be considered credible is that 16 percent of those same respondents who have lost their jobs in the past have been able to successfully log into their old accounts with the same usernames and passwords they had when they worked at a former company.
This highlights a very sizable problem for businesses large and small, the report said. Many companies are apparently not doing the bare minimum it takes to protect critical information from disgruntled current and former employees, which puts them at massive risk for data breaches that can end up costing them large amounts of money.
“Too often, companies have no real idea who is accessing what and when,” said Christopher Zannetos, president and CEO of Courion. “And if you think of how many employees flow through a large organization, you’re looking at significant risk. Add partners, customers and others with whom you share critical business information, and the exposure is massive.”
Why does this happen?
There can be a number of reasons for small businesses to not realize this very real threat can happen to them, the report said. Perhaps the biggest of these is that companies have a lot on their plate in the immediate wake of personnel changes such as these. For instance, they are likely thinking about how they’re going to bring on more workers to replace the outgoing ones, or promoting current workers into new roles. This in and of itself can create a daunting task of clearing out old data, creating electronic identities for the new workers and then granting them access to the information they might need. Further, the need to use the cloud or other services that could contain sensitive information needs to be watched closely as well.
And with all that going on, it can be easy to have something as simple as permissions to view sensitive files fall through the cracks, the report said. However, it’s important that companies do all they possibly can to prevent such a problem from occurring, and it could be something as simple as creating a checklist that is followed closely whenever personnel changes are made.
Of course, there are other data breach threats that companies of all sizes face every day, but independent ones without their own IT professionals may be at particular risk. For this reason, small business insurance that specifically protects companies against the costs of remediating such incidents – which can run into the hundreds of thousands of dollars or even more – may be a wise investment for entrepreneurs who do not have the financial ability to hire dedicated tech workers.