If operating a small business wasn’t challenging enough, take a moment to imagine what it must be like to run a business in 2016.
Over the past couple of years, we’ve seen some of the biggest brands on the planet get hit with data security breaches and theft of private data. What might be most concerning to the small-business community is that this has happened to companies with multimillion-dollar information technology (IT) budgets.
If this could happen to a Fortune 500 company, what hope does a small business have?
As a trusted partner to its business members, credit unions should understand some of the pain points and challenges that are unique to small business owners, particularly when their businesses do not have the resources to adequately focus on IT security or address risks to a major security event.
More importantly, understanding these challenges could provide additional opportunities to strengthen your relationship with business members.
Some common pain points:
Every business needs a website and, increasingly, a way to transact business through it, whether that is making an online purchase, booking a service, or signing an agreement or statement of work.
In other words, today’s small business websites are much more than digital brochures; they are systems of records that store private data.
A website requires addressing security at several layers:
• Website and database code: Are there security flaws or vulnerabilities?
• Server and IT infrastructure: Is the hosting platform configured with security in mind?
• Network: Are firewalls in place? Can the network prevent or block attacks?
• System access control: Who has access to log in and can see data?
In some industries, such as healthcare, the storage of private data can be a significant challenge for operations with limited in-house expertise.
These challenges include:
• Understanding the cost of ownership, management, and ability to secure both on premise and offsite ( i.e., cloud storage);
• Understanding how data can be securely stored and accessed using best practices such as encryption and virtual private networks;
• Understanding how to protect against loss of data due to system failures, natural disasters, or human error.
Business owners should operate under the assumption that, sooner or later, a digital security event will most likely occur.
When and if that does happen, the business owner should have some protections in place, including having a disaster recovery plan and specific insurance coverages that can protect against unexpected expenses, such as fines or legal costs.
Small-business owners need to understand what a disaster recovery plan is and how to have redundancies and backups in place for all important data. Plus, they need to know what types of insurance coverage address cyber attacks and related liabilities.
Ultimately, your credit union should keep these pain points in mind when offering solutions for your business members, whether they’re internally sourced or delivered through third-party providers.
Doing so can help produce longer, more successful relationships.