As I was checking my email this morning, I stumbled on a message from an Estonian woman named Mary. It’s tragic really… she is dying from liver damage caused by poisoning. She was set to inherit a large sum of money from her late father, but her wicked stepmother wanted that cash, hence the poisoning. Now Mary needs me to set up a bank account to hide the money and I get to keep 50% of her fortune for my troubles. How neat is that!
The Call is Coming from Inside the House
When you think about security, you probably think about “Mary’s” phishing email above, trying to get your info or weasel some cash through scams. The good news is, these scenarios are less likely to affect your home improvement business than you might think. The bad news is, there are MORE COMMON dangers your data could face that aren’t talked about as often. How do we know? As a software company, we’ve seen these scenarios unfold. Let’s talk about those.
THE THEIF: Stealing Your Data
Traditionally, most people think of external threats like phishers and hackers stealing their data. However, from what we’ve seen, your home improvement business is in more danger from internal threats. For example, you have an ambitious employee who thinks “Why work for these guys when I can do all this stuff myself and take all the profit?” This intrepid future felon then takes all your lead info and scampers off into the night to begin pilfering your business.
Now, there is a fine line between caution and paranoia, and we’re certainly NOT suggesting you treat every employee as if they are about to steal all your trade secrets. However, you SHOULD be setting your company up with a system where the information that each employee has access to is limited to what they need to successfully complete their jobs. There are probably only a few people that need access to ALL your company’s information. However, do sales reps need access to all the leads, or just the appointments on their schedule? How much financial information do project managers need access to? Limiting employees’ access to extraneous information mitigates your risk of data theft, and…
THE DRUNK UNCLE: Costly Accidents Can Set You Way Back
User error is one of the biggest risks to your data. If your new hire gets into the wrong file and deletes something, will you be able to retrieve it? Like the solution to help mitigate theft, compartmentalization of data helps mitigate silly mistakes that could otherwise affect records on a mass scale. But redundancy is also key here. If someone accidentally downloads a virus or overwrites an important field across all your clients records, how quickly can you access your backup (You do have a backup, right?) and get everything up and running again?
Whether to use a cloud platform with multiple redundant servers, save hard copies, or use a platform that has their own backup system, is a serious consideration for any business. You worked hard for every piece of data in your system and you owe it to yourself to make sure it is secure from Murphy’s law.
FORCE OF NATURE: Sometimes the Risk is Completely Out of Your Hands
The risk that the Drunk Uncle poses can be alleviated somewhat with proper training or limiting access, but sometimes things are completely out of your control. Hard drives crash. Power surges fry systems. Data spontaneously corrupts due to glitches. Just like your home insurance policy covers a tree crashing into your roof, a software system with redundancies in place is your data’s insurance policy.
THE HIJACKER: Holding Your Data Hostage
One last aspect to consider is how readily available your data is. If you want to export your data and switch to a different platform, how easily can you extract it? Can you export it yourself? Is it in a format that you can transfer over and use in any other system than your current one? The culprit here can be an actual bad actor who doesn’t want you to leave their system, so they designed a data model in a way that it’s not useful outside their platform. Or it could simply be a short-sighted company with sub-par developers who paid more attention to their own wonky product and less to the fact that one day, you may want to have your data back in an organized fashion.
The result is the same though: you won’t have 100% access to usable info without housing it in their system. If you can’t use your data in the way you want, do your really OWN your data? Because you should!