Data Security in 2019 Is More Important Than Ever for Seattle’s Small Businesses

2019 is shaping up to be quite a year for data security here in Seattle and across the nation. As we’re writing this, the Washington state legislature has introduced 5 big data privacy bills for the 2019 session:

• HB 1071 / SB 5064, which requires businesses to notify customers whose personal, sensitive data may have been breached
• SB 5377, which limits state agencies from selling personal information to third parties
• SB 5376 / HB 1854, the “Washington Privacy Act,” which grants customers power over the data that businesses collect on them and also prohibits state and local agencies to use facial recognition technology for ongoing surveillance in public spaces

These bills, especially when considered along with national initiatives such as a potential federal privacy law that Facebook, Google, and Microsoft have been calling for, are a big sign that data security is becoming a key issue.

So, let’s talk about how you can build better data security at your small business in 2019 and beyond.

Simple Steps Your Company Can Take to Boost Data Security

Building a data privacy plan or policy from scratch can sound like a daunting chore to many overloaded small business leaders because — ugh— it’s yet another task to add to your never-ending To Do list.

However, there’s no reason to dread increasing your organization’s data security practices – when you work with a local IT company here in Seattle,it can actually be quite easy and affordable to set up a good cybersecurity policy for your company.

Get started right with these 3 steps:

1. Know where your data vulnerabilities lie

Perhaps a port is open on your firewall or maybe you’re sending unencrypted personal data over email. It could be that you’re hosting a large number of employee-connected IoT devices, such as smart kitchen appliances (we’re not kidding!), or you simply haven’t updated or patched your systems recently. No matter where your data security vulnerabilities lie, a network scan can help you identify the problems you should take care of.

A good Managed Services Provider (MSP) / outsourced IT company can come over to your offices and help you perform a detailed network security scan– or you can do your own quick “scan” by answering a DIY network health assessment.

2. Assume that you’re always vulnerable

Once you know where your official vulnerabilities lie, you’ll know how to improve your data security: fix the issues! However, effective data security isn’t a “one and done” kind of thing, it requires a continuous security mindset in which you assume that new vulnerabilities are guaranteed to arise. They may come from software bugs, your business productivity programs, your computer hardware (remember Spectre?), your BYOD policies, or lax security habits from your in-office or remote employees.

To combat this ongoing vulnerability problem, you can work with an MSP to help you stay up to date with the latest patches, updates, and security tools available. It’s also a good idea to perform regular backups using a business continuity solution, which can restore your systems in as little as 5 minutes after a cyberattack.

3. Figure out what data you’re collecting and why

In 2018, California passed the California Consumer Privacy Act (CCPA), which essentially copies Europe’s General Data Protection Regulation (GDPR). You can learn more about GDPR in our handy blog on the topic, “What Is GDPR Compliance… and Should You Care?,” but the quick-and-dirty summary is that both GDPR and the CCPA grant individuals the right to know what data of theirs is being collected, and delete some of that information if they choose.

Since California’s law is the first of its kind in the US, legislators and tech-industry insiders expect that other states will adopt similar bills soon. Wouldn’t you know it, Washington legislators are doing so right now.

We mentioned the Washington Privacy Act earlier (SB 5376 / HB 1854) and if it passes, your customers will have the right to access, delete, correct, restrict, or otherwise control their data – and you’ll be on the hook for managing their data as well as notifying them if your data security practices have failed to protect their information.

It’s important to get an idea now about the data you collect and store, so you can figure out if you actually need all that data. That way, you’ll be prepared if these bills become law. A good MSP can make recommendations for auditing your data and preventing leaks.

Get Started on Improving Your Data Security Right Now

Ready to identify your vulnerabilities with a free network security scan, get a quote on 24/7 network monitoring, and find out more about business continuity backup services? The Interplay team can help.

Award-winning and recognized as one of the best MSPs in the world, Interplay is one of Seattle’s longest-standing MSPs offering tailored services to the Seattle area’s small businesses. We know business and office technology through and through, yet we’re actually pretty fun to talk to. Best of all, we’re always happy to roll up our sleeves and get your tech working better for you.

 

Find out how much easier data security can be when you contact Interplay for a quote.