4 Small Business Security Considerations

Written by
• 4 minute read
small business security | OnDeck small business loans

Article Summary: Security is a concern for everyone these days, but small businesses are also prime targets and addressing small business security dangers is something every business should have on their radar. Cyber criminals are increasingly targeting small businesses, but that isn't the only threat. In 2016, 8.8 percent of small businesses reported a burglary.

As a result it's important to secure your digital business as well as your physical business. According to the Hartford Insurance Company, the average business burglary costs $8,000—and cyber crime can add up to even more. Keep reading to learn more about what you can do.

The rise of e-commerce has made small business security a priority concern for businesses. Half of U.S. small businesses were breached by hackers in 2016, according to a report by Keeper Security and the Ponemon Institute. The report indicated that cybercriminals are increasingly targeting smaller companies with phishing attacks, seeing them as more vulnerable than larger firms with bigger IT security budgets. Meanwhile, traditional security remains a major issue, with 8.8 percent of U.S. small business owners reporting a burglary or theft in 2016.

In the face of these threats, businesses are increasing their investment in security solutions. To make a smart choice when investing in small business security, whether cybersecurity or physical security solutions, it’s crucial to be well-informed. Here are four essential considerations brick-and-mortar business owners should take into account when selecting security solutions.

Securing Your Virtual Business

The Internet has moved your security perimeter into cyberspace. To assist small companies with cybersecurity, the Commerce Department’s National Institute of Standards and Technology (NIST) has published a guide on the fundamentals of Small Business Information Security. The guidelines outline a series of steps to safeguard information and operate safely and securely.

To safeguard your digital information, NIST recommends five steps: 

  1. Identify who has access to your business information and conducting background checks before setting up individual accounts for each employee.

  2. Take protective measures such as limiting who has access to information, using encryption, securing network access points, installing firewalls, patching operating systems and applications and setting up web and email filters.

  3. Activate intrusion detection capability by updating anti-virus and anti-malware programs and creating security logs.

  4. Set up a disaster recovery plan so that you’re ready in the event of an emergency.

  5. Implement your ability to recover by creating a file backup procedure and getting cyber insurance.

NIST also provides some operational guidelines your staff should implement. Use separate business and personal devices and accounts, or keep business apps and data on devices partitioned from personal ones. Don’t connect unsecured devices or hardware to company networks. Use secure networks such as virtual private networks when going online. Don’t download software from unofficial websites. Use strong passwords and two-factor authentication methods, and don’t share sensitive information with unauthorized parties.

Securing Your Physical Business

When it comes to security for your physical location, the U.S. Chamber of Commerce Foundation summarizes some practical guidelines. Burglars thrive on concealment, so trim any landscaping would-be thieves might use to hide themselves, including bushes in parking lots as well as trees near windows. Install lighting and motion sensors to further deny concealment opportunities. Set up video cameras at locations burglars might use to conceal themselves or access your premises, including entrances, garages and loading docks.

Secure doors with strong deadbolts. For windows, use pins and locks and add bars and protective film for extra security. Repair damaged doors and windows quickly to prevent them from becoming potential entry points. Install alarm systems that will notify you if your building has been breached and summon authorities to the scene.

Security Cameras vs. Dummy Cameras

Installing visible security cameras is an important strategy for deterring burglars. Sixty percent of incarcerated burglars said that they considered the presence of security cameras or video equipment when targeting a property and forty percent admitted that spotting security cameras would persuade them to target another property.

This raises the question: Can dummy security cameras serve as a deterrent as well as using real cameras? Experts say no. Cheap fake cameras are easy for experienced burglars to spot. They are only useful for deterring petty thieves without much experience.

More expensive fake cameras may be harder to spot, but they also have other cons. Fake cameras are useless for identifying suspects in the event of an actual burglary. They create a false sense of security, which can lull you into failing to take other preventive measures. They can even expose you to legal liability if someone claims they were misled into taking inadequate protective measures because they thought there were real security cameras on your premises.

In addition to the cons of fake cameras, there are some benefits that weigh in favor of real cameras. Besides being useful for security, real cameras allow you to gather information about buyer behavior, which can be useful for customer analytics purposes. For instance, you can study which parts of your store shoppers frequent and which shelves they spend the most time at, which can help you better organize your displays for optimal sales. You can also use security cameras to study and improve your customer service. In fact, 68 percent of companies are now using security cameras to improve their operational efficiency and not just for security applications.

Small Business Security Costs: Worth the Investment?

So does the cost of real security cameras and other physical and cyber security measures justify the cost of investment? The answer is analogous to asking if the cost of health insurance is worth it: when you don’t need it, it seems expensive, but if you don’t have it when you need it, you wish you had it. The average business burglary or theft incident costs the victim $8,000, but damage to your reputation can run as high as $50,000. Furthermore, over one-third of companies that were hit by a data breach in 2016 suffered a loss of 20 percent in revenue.

So the costs of not investing in security can be catastrophic. On the positive side, security investments can pay for themselves if you tap into their revenue potential. For instance, using security cameras to study customer buying behavior can boost sales.

If you need financing to cover your security equipment investment, consider getting a small business loan. NerdWallet provides a step-by-step guide to exploring different loan options and applying for the one that’s right for your business.