By: Andre Boysen, CIO, SecureKey

Being a business owner means going the extra mile to protect customer and employee data, and small business owners are facing unique challenges.  

Businesses of all sizes and industries are responsible for the personal information of customers and employees. Most of them still save that information in centralized databases, like internal servers. This centralized information is particularly vulnerable to data breaches – the likelihood of which exponentially increases day in, day out.

Small business owners face unique challenges in a digital world. A common misconception is that larger companies are preferred targets for hackers. While the “prize” may be broader with larger businesses, these firms often have the in-house expertise and budget to put effective security measures in place. Unfortunately, smaller businesses may not have these resources at their disposal to strengthen their networks and are outgunned by cyberattackers who prey on them.

In its most recent report, Symantec found that spammers are non-discriminatory when it comes to the size of the companies they target [1]. Small businesses were the most-targeted, with a spam rate of a whopping 54.2 per cent. The difference between small and larger businesses? Just over a single percentage point.

In previous years, Symantec also reported that phishers were targeting more small businesses than other sizes [2]. In 2015, phishing campaigns targeted small businesses at a rate of 43 per cent. A mere four years before in 2011, this figure was only 18 per cent.

Small businesses’ ability to fight these threats fades when up against these numbers. Only 14 per cent of smaller companies rated their ability to mitigate cyber risks, vulnerabilities and attacks as “highly effective,” and a further 60 per cent were unable to sustain their businesses over six months after a cyber-attack. [3][4]

What can small business owners do to protect the personal information of clients and employees?

Decentralize.

Some of the global security uses of decentralization that have been put in place – often using innovative and promising technologies like blockchain – are making vulnerable passwords obsolete, enhancing privacy and security of digital operations and protecting sensitive records and personal information, especially in the banking sector.

The distributed and decentralized nature and security of well architected blockchain-based networks make a successful cyberattack much harder to mount.

With a strong commitment to protect the identities, enhance data security and provide safer, easier access to online services for all Canadian consumers, SecureKey plans to launch Verified.Me in 2018. Our platform is a robust digital identity authentication tool that uses blockchain to spread personal data across a myriad of sources, making it impossible for hackers, phishers and spammers to know what piece of information belongs to whom – or see it at all.

With Verified.Me, consumers will be able to use share personal digital identity information and prove their identities, to access a variety of online services securely and privately. This both increases the integrity account registration, while also limiting the amount of data consumers need to share (which further decreases breach risk). The service reduces the consequence of breaches while also limiting fraud (account takeovers and masquerading).

As March marks the 14th anniversary of Fraud Prevention Month in Canada, SecureKey joins country-wide efforts to encourage Canadians and small business owners to recognize fraud and better protect their identities online. Visit our online resources to learn more about:

[1] https://digitalhubshare.symantec.com/content/dam/ent/collat/reports/RPT_ISTR-Main-Report_EN.pdf?aid=elq_&elqTrackId=a4536141fdba4e639c7e80d98f3e522f&elqaid=3783&elqat=2

[2] https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf

[3] https://signup.keepersecurity.com/state-of-smb-cybersecurity-report/

[4] https://www.denverpost.com/2016/10/23/small-companies-cyber-attack-out-of-business/