One in five small businesses admit that they could do better when it comes to securing customer data.
New research published today by The Manifest has found that in a survey of 383 small-business owners and managers, 20% thought that the security of customer data storage at their company could be improved.
On the positive side, more than half of the respondents (57%) said that their small business had not faced a cybersecurity challenge in 2019. However, 15% either suffered a hack, saw their system infected with a virus, or experienced a data leak.
Researchers found that the data most commonly collected by companies is contact information (61%), customer name (52%), customer location (39%), physical address of customer (36%), and payment details (31%).
For almost a quarter of respondents, lack of funding for cybersecurity was an issue. Researchers observed that 23% of survey respondents admitted that more resources needed to be injected into their company's cybersecurity.
The majority of respondents won't need persuading in the face of pressure to increase funding in their business for cybersecurity. Researchers found that 64% of respondents considered it likely that they would devote more resources to cybersecurity in 2020.
By asking questions regarding current cybersecurity practices, researchers discovered that the most popular small-business cybersecurity measures include limiting employee access to user data (46%) and data encryption (44%).
Requiring strong user passwords and training employees on data safety and cybersecurity best practices were two further methods used by 34% of respondents. Fewer than a third of businesses (29%) used two-factor authentication to enhance password security.
The Manifest specifically surveyed small-business owners and managers who use a mobile app and/or website to connect with customers.
"Cybersecurity has become only more important in 2020 due to dramatic increases in remote work and online business," wrote researchers. "We wanted to understand small businesses’ experience with and plans for data safety—the process of protecting information from unauthorized access."
Commenting on their findings, researchers wrote: "Our research shows that small businesses use a range of data security measures to protect their data, including limiting employee access and encryption, and are considering investing in more cybersecurity resources in the future."