top of page
  • Writer's pictureChristina Sjahli

What Most People Don’t Realize About Data Security in Small Business

Updated: Jun 16, 2022

Most small to medium business owners think that the software and hardware they use are secure when it comes out of the box, but that's a dangerous mistake! Good cybersecurity and data security need more than hiring an IT specialist, sometimes taking up to a year to secure a company from data threats.

Jenn Diesi has an in-depth understanding of the importance of data security, especially for small businesses. She builds on her years of experience in information security and provides simple yet game-changing ways to secure and protect your company’s data. Jenn is the CEO of Geek Girl Tech, a company dedicated to helping secure woman-owned or women-led small businesses.

Data Security as a Human Right

In 1984, the United Nations declared that security is a universal human right. And it’s not just the United Nations that agrees — security is also defined and guaranteed by the European Convention on Human Rights, the Constitution of Canada, South Africa, and other laws worldwide.

But security is not just limited to your physical body. As Jenn says:

“Things like identity theft, fraud, cyber crimes, those hurt a person, because if you're hurting someone financially, you're also potentially affecting their physical security, right, like their ability to provide shelter, their ability to, you know, take care of themselves. So data security is equally as important in the world of rights, I believe.”

However, your personal data security doesn’t affect only you. If attackers breach your security, it can have far-reaching consequences for the people around you.

The Biggest Misconceptions About Data Security

A lot of business owners can get compromised by the devices they use. Many people often do not realize that their computers are actually unsecured by default — when you take a laptop out of its box, it is still typically very vulnerable. All the data you place on that device is unencrypted, and anyone with access to the laptop can read it.

Some companies allow you to pay a fee for data encryption and additional security, but the process to avail of this tends to be obscure. Others, like Apple, have built-in encryption, but you have to enable it yourself.

These technology companies might offer you the tools you need to secure your data, but they aren't forcing you to use them. You must be proactive yourself. Hiring someone with a background in security can help you evaluate and choose the right data security choices.

Data Security in Small Businesses

Once you've secured your personal devices, it's time to think about data security in your business. One other misconception is that an IT department or specialist is enough to handle your company's data security — which is untrue. IT is more about setting up systems and ensuring that your company has the digital infrastructure it needs to run. Cybersecurity is a different field altogether and is about configuring these systems to be secure.

As such, a small to medium business must know all its systems. What does it run on? These systems are things like:

  • Websites

  • Mailing lists

  • Accounting tools

  • File management tools

Every company has its own sets of systems that it needs to understand, manage, and secure. It’s also vital to consider what your company does with the data it receives and processes. It’s critical to take action to secure your data, but there’s another thing to consider: are all your business partners also protecting the data you send to them?

There's a lot to think about when it comes to data security, and it won't be an overnight project or even a one-month goal.

According to Jenn:

"It takes time to put in security. I wish I could just come in and, like, wave a wand and come in one day and leave and the next day, everything is better. But in reality, it takes at least a year."

Securing Your Data

Data security is vital to your company’s continued operations, so it’s best to get started as soon as you can.


One thing to consider is it's best never to assume that something is secure. That includes the lifeblood of many businesses: emails. Never send sensitive information via email. Even if you've done your part to ensure data security, you have no idea if the recipient of your email has done the same. There is a possibility that they didn't encrypt their devices nor configure their email security as well as you did.

Second, the cloud is not secure either: it's best to maintain backups of all your files to ensure you have access to them six or even ten years from now.

“You should never assume that data on a cloud is secure. Google, Microsoft, Amazon are doing things they need to do but that doesn’t mean that you don’t also need to do things.”


Another method of keeping safe is ensuring that your employees have two-factor authentication enabled; even if their passwords are compromised, there's an additional layer protecting your company's data and access to it. A password manager can also benefit your employees by creating more complex keys than most people make.


You can also hold Security Awareness Training to provide a better appreciation for your staff. Data security training can decrease the likelihood that your employees will make the kind of critical errors that external attackers prey on. Employees who are aware of the 'why' behind the things they have to do typically perform better.

Data Security and Profitability

After ensuring security, you know now that you've dealt with the possibility of threats and data loss. But data security isn't just about neutralizing negatives — it can also increase and protect your profits.

If two companies came to you with identical business proposals, but one of them had a more stringent security policy regarding data, which one would you choose? Data security can help enable sales by assuring your business partners that they are safe with you. It can also set you apart from your competitors.

Studies found that many small businesses shut down or close within one year after suffering from a significant attack or breach. Larger companies have the financial backing to absorb those impacts, but you won't have that leeway if you're a small business.

“If you don’t protect your data, you can lose everything,” Jenn says, "And that's going to impact your bottom line."

Interested in Jenn’s work? Check out GeekGirlTech. You can also check their blog for security resources, news, and updates. You can also reach out to Jenn via LinkedIn, Twitter, or Facebook.

If you want to grow your team to take your business to the next level, a CFO can help you figure out your next best move. Understand how to price fairly yet competitively and maximize your profits with the help of a finance team. Schedule a discovery call with Profit Reimagined™ to help you cover your foundations and deepen your understanding of these concepts.


bottom of page