How to protect your small business from a data breach

Data breaches, whether by malice or accident, can allow third parties to gain access to all of your customer, employee or business records. This creates one of the biggest risks that UK businesses face, in terms of both financial and reputational damage. A 2017 study by the Ponemon Institute found that data breaches cost UK organisations an average of £2.5 million to resolve.1

This is hardly surprising with the UK’s IT Governance reporting 150-200 million leaked records per month.2


EU General Data Protection Regulation (GDPR)

This new regulation means tougher penalties for businesses falling foul of data protection laws. The Information Commissioner’s Office (ICO) will enforce the GDPR from May 2018, and it will mean that fines could increase from a current maximum of £500,000 to €10 million or 2% of annual turnover (whichever is higher).3


Is your business doing everything to prevent a data breach?

At a time when data is so valuable and the risk of exposing it is so large, what more could you be doing to protect your own business and the data you hold?

1. Understand data requirements

First and foremost, it’s vital to be aware of and understand the various laws and regulations which govern your business and how it handles its data. Ignorance is no defence should the worst happen! The ICO website is a great resource, offering easy to understand guidance on how to comply.

2. Risk assessment

Once you are fully aware of your obligations, take time to assess any existing risk areas in your own business. Once risks are identified, it is much easier to monitor them and, in many cases, to put procedures in place which will reduce them or remove them altogether.

3. Systems and software

Your systems and software will often be your first line of defence. Make sure you have software in place to protect you from an attack – and make sure it is kept up to date!

4. Physical security

Of course, not all data breaches happen digitally. In some cases, data is exposed through loss or theft of equipment such as mobile phones, memory sticks or laptops. Ensure that data stored on these devices is protected and that the devices themselves are properly secured at all times.

5. Staff training

Procedures and processes are only as effective as the people carrying them out. Make sure your employees are kept updated with any relevant requirements and that they are fully trained to implement any security and protection procedures you have introduced in your business.

6. Supplier due diligence

If a supplier relationship involves any transfer of data, then it’s important to make sure that they take as much care as you to ensure the security of that data. Check up front that proper precautions will be taken before you agree to work with someone.

7. Audit and review

Make sure that the processes you have put in place are working effectively by carrying out regular audits and reviews. This will help you to identify any problem areas and to take action accordingly.

8. Monitor your business credit report

Like people, every business has a credit score. Access your business credit profile and set up monitoring to alert you to all activity on your account. Should anything suspect occur, you’ll be in the know and can take the appropriate action to secure your business and reduce risk.

9. Plan ahead

Finally, make sure that you have a robust plan in place should your business suffer a breach. In this instance, acting quickly is absolutely key to minimising the impact on your business and, of course, on your customers or staff.


As a small business, you cannot ignore the risk of a data breach, but by taking these simple precautions, you can ensure that you are doing everything you can to protect your data and to prepare for any incident that may happen.


Sign up for Experian My Business Profile today and receive the first month for free with absolutely no obligation. You’ll receive automatic monitoring alerts that notify you when something changes on your account, so you can act quickly. Plus, we provide support and ongoing advice to help you build and maintain your score so it’s the best it can be.


Sources: 1. IBM, 2. IT Governance, 3. ICO


Posted on by Katie Hague

Estimated read time: 5 mins