While the financial year ends after June 30, for many businesses it’s the beginning of weeks of reconciling numbers and wrapping-up the financial year that was. Most business owners and their accountants don’t get to breathe that end of year sigh of relief until well into July or August and for some even longer.
Many people don’t like doing their taxes – but thankfully for the SMB at least, things are getting a little easier with the help of online tools that manage tax returns and book-keeping tasks. Technology is now at the stage where, if SMBs really wanted, they can selectively source their book-keeping process using communities like Freelancer.com. Although, admittedly, it would take a brave SMB owner to do so!
Technology continues to make life more convenient and cost effective for the small business owner. Recently this has been through areas such as cloud business applications, advances in mobile banking, and stakeholder and customer relationship management (CRM) tools available at the click of a mouse. However along with the added convenience of these online applications come new threats to information loss that the SMB owner needs to be aware of.
A recent report by Symantec showed that cyber criminals are increasingly focused on targeted attacks aimed at stealing financial and personal information and the number of threats continues to grow. Globally in 2010, for example, data breaches caused by hacking resulted in an average of over 260,000 identities exposed per breach—far more than any other cause.
What hackers like about a small business is that they tend to have more money in the bank than an end-user or consumer and less cyber defences than a larger company – making them a less sophisticated and lucrative target.
Cyber criminals are no longer limited to being highly skilled computer geeks either. Today they can hire the expertise online by leveraging easily available attack toolkits, and today even a relative novice could attempt to infect your computers and extract confidential information they need to steal your bank account login and password or steal a list of your customer’s credit card numbers.
It is one thing to have your business information compromised, but it can be business-ending if you compromise your customers. We recently saw this devastating concequence for a Melbourne based business who subsequently went out of business as a result of a cyber hack where both their primary information and backup systems were deleted, impacting as many as 4800 of their customers.
There are some basic steps to help protect sensitive data however. Below are some suggestions to help small businesses protect critical financial information such as that required for online tax returns:
Secure your files
If you do your business’ taxes on a company computer, you will likely have some highly sensitive financial information on your hard drive and moving across your network. Make sure your files are secured with password-protected directories and accounts, and that your entire system is protected through robust security software. Also, if you’re using a wireless network when filing electronically, be sure to use a secure Internet connection (SSL) and do not use a public wireless hotspot.
Mobile Device Management
As businesses and staff become increasingly mobile through devices such as tablets and smartphones and have the ability to conduct business ‘anywhere, anytime,’ it serves as a reminder for businesses to manage all the places critical information is likely to be stored or accessed. Globally in 2010 for example, there was a 42 percent increase in reported vulnerabilities that affect mobile devices. Despite this, users tend to be less cautious with securing their mobile devices than their home or office PC.
Currently, most malicious code for mobile devices consists of Trojans that pose as legitimate applications. These applications are uploaded to mobile app marketplaces in the hope that users will download and install them. To keep your business safe, consider endpoint protection and encrypting all of the devices used for business purposes as ways to prevent company information being accessed through the ‘back door’.
Back up financial data
It’s important to back up your company’s financial data regularly to ensure it is protected. Keep backups on media outside of your computer – whether you burn them to a CD, copy them to an external drive or upload them to your ISP’s storage space. As with your hard copy financial documents, be sure that any backups of electronic financial records are password protected and kept in a secure environment. If they need to be deleted, do so in a secure manner.
Keep your software updated
As the threat landscape changes, the software we use has to change with it. Be sure to keep your security software up-to-date to ensure it can address the most current threats to your information. The effectiveness of your business’ security software – from malware protection to spam prevention – depends on keeping it current.
Lastly it seems simple, but educate your staff on the simple things like not to open email attachments they’re not familiar with, not to click on links in email or instant messages and the dangers of posting sensitive information to help prevent breaches.
By using these tips, you’ll be able to take advantage of the convenience of filing taxes electronically and managing your accounts online – without putting yourself at risk of the serious damage that can come if your business loses its data or falls prey to a security threat.
What I should stress however is that the threat of cybercrime shouldn’t discourage using online tools, which are fantastic when you’re managing a small business and great at increasing productivity. Small businesses have a flexibility to them that distinguishes them from the larger players in the market and that is their competitive edge. As a result, SMBs should look to take advantage of the technology available to them in the widest extent possible while ensuring that they have measures in place to protect themselves and their customers. And the end of financial year is a good reminder for all businesses to protect their most important asset – their information.