With more of our personal and professional lives accessible on our smartphones, tablets and laptops than ever before, it makes sense to take better care of protecting the data on our mobile devices. And for owners of contracting companies, it’s even more important to keep your data secure — to protect your company information as well as that of your customers.
Data security was the topic of a session I attended at the 2016 annual convention at the Mechanical Contractors Associaton of America, held March 20-24 in Orlando, Fla. Speaker James Benham heads up JBKnowledge, which makes cloud, mobile and wearable solutions for the construction and insurance industries. He’s also an expert on data security solutions.
“There’s an irrational fear in the mechanical contracting industry of cloud-based data storage solutions,” he says. “They believe their data is safer on their computers than on someone else’s computer servers.”
But that’s a false assumption, Benham adds; all digital data is at risk, no matter where it is housed and who houses it. Keep in mind that even the Internal Revenue Service was hacked. So how secure is your company’s data?
Benham explained to MCAA members about the many ways hackers can steal data, but several are of special concern to plumbing and mechanical contractors with staff out in the field — whether on a new construction jobsite or doing repairs at a home.
Most contractors today provide their field staff with mobile devices with software and apps to streamline work on jobsites. But do they sufficiently train their field workers to protect the data on those devices? Do you?
You have information that hackers want — your customers’ data, particularly their financial data. It’s your responsibility to protect that information as best you can. Because if you don’t, and someone hacks into your system and steals customer data, you can be held liable.
Implement a mobile device management policy, Benham says, so that those in the field know exactly what they can and cannot do with company property. Make sure they understand the implications of clicking on suspect emails and visiting dodgy websites — especially on unsecured Wi-Fi networks, such as those in hotels and airports. In addition, institute a password policy for all mobile devices used by your employees. In the event they get stolen, it will be more difficult for the thief to access any information.
It’s also important to protect the data on your servers and backup drives, Benham adds. Some hackers use ransomware to basically hijack your network. Click on the wrong link or open the wrong document, and your entire system is locked up. You have to pay someone a ransom to be able to use your company computers again.
Or what if your data is stored offsite and the company goes bankrupt or is involved in fraud? Everything is shut down and seized by the bank or law enforcement officials. Your data is lost.
All this seems pretty frightening, I know. As I sat through the session, I thought about all the things I wasn’t doing to protect my personal data.
But there are steps you can take to protect your business. The first step, Benham says, is to buy a cyber liability policy that includes first-party and third-party protection. Think of it as insurance for your data.
Continuously back up your data to the cloud with a thoroughly vetted provider. The vetting process should include an onsite visit so you can see the operation — and the people who will have access to your sensitive information.
Encrypt the information on your network and make sure all company computers and mobile devices are equipped with anti-virus and anti-spyware software. And beware of free protection services, Benham says; free is not always a good thing. Be willing to research software and pay for the best coverage for your business.
Securing your cyber data — and that of your customers — seems like a daunting task, but there are experts available to guide you through the rough spots. Industry associations are good resources. Your business insurance company may also have experts on staff. In addition, the U.S. Small Business Administration’s cybersecurity page (www.sba.gov/navigation-structure/cybersecurity) has archived webinars, as well as tips and tools, for small business owners to implement cybersecurity programs.
So take some time this spring and implement a program to protect your digital data. Don’t wait for a hacker to get into your system and hold your computer system hostage.