What are 4 Things a Small Business Should be Doing for Data Security?

1. If you don't need it, don't collect it...and don't store it. If you have it and don't need it any more, destroy it — responsibly.
2. Restrict and limit access — by everyone — to sensitive data.  Use locks on doors and file cabinets.  Limit employee access to data to those that need it to do their jobs.  Take precautions when mailing records.  Encrypt sensitive electronic information inevery site it is stored — on computers, on laptops, on PDAs, iPhones and iPods, on USB drives (sometimes called "thumb" drives").  Transmit data over the Internet using secure connections (SSL technology).
3. Use effective passwords...and issue a unique password to every employee.  Never use the default password that comes from another product or service provider.  Never use obvious passwords, such as your name, business name, family member's name, "12345," "ABCDE," "password," or your user name. Change passwords every 45-60 days.
4. Block potential intruders.  Protect your IT systems from viruses and spyware by using antivirus protection and firewalls.  Make sure these protections are up-to-date.