Data Breach Prevention

lock overlaid on computer motherboard

Data Breach Prevention

Data breach prevention strategies are the best way to avoid data breach. As a small business owner, learning how to protect and secure the data you collect is an important part of preventing a data breach. The PROTECT PROTOCOL™ incorporates best practices for data security. Using the acronym PROTECT, this article will discuss many of the ways you can significantly reduce the risk that your business ever falls victim to a data security breach.  The majority of these protocols apply to your personal data as well and can help you prevent becoming a victim of identity theft!

Password protection

Password protection is where data breach prevention begins. These are easy to implement deterrents to cyber thieves:

  • Use strong passwords that are not easy to guess or decipher.
  • Change your passwords frequently and don’t share.
  • Use a different password for every account you access. Using one password for multiple accounts increases your risk exponentially.
  • Use a password manager software

Routine updates

Routine security updates on your devices and applications aren’t just an annoyance – they serve the important purpose of data security!

  • Maintain updates and patches on your operating system and apps. These updates help to block viruses and malware and patch known security vulnerabilities
  • Routinely delete old apps that you are no longer using. These unused apps can become a back door for hackers.
  • Upgrade your device when your version is no longer supported. Old tech is a security risk.

Opportunity blocks

Don’t make it easy for criminals to get ahold of your data. To avoid data breach, block their opportunity everywhere you can:

  • Set your laptop to auto-lock after a period of inactivity and require a password to restart.
  • Lock up sensitive paper files.
  • Keep only the data you actually need for your business and routinely delete what you no longer need. Less data = lower risk.
  • Destroy before disposal. Shred paper. Wipe drives.
  • Limit access to those with need to know.

Travel securely

Use these techniques to reduce your risk of data breach when you are on the road:

  • Enable remote wipe on all portable devices
  • Avoid use of unsecured networks (especially free wifi in airports and coffee shops)
  • Limit the use of portable drives which are easily stolen
  • Turn off Bluetooth when not in use


A little knowledge about data breach prevention goes a long way. Learn to avoid becoming the inadvertent cause of a security breach.

  • learn to recognize phishing emails. Is the grammar and syntax off? Does the “from” email match the alleged source of the email? Did you request the email?
  • look for the lock (https) – if a website doesn’t start with “https” or have the lock icon next to the URL, beware!
  • check links by hovering – if you hover over a hyperlink (without clicking on it) you should be able to see where the link will send you. If it doesn’t match where you expect to be sent, don’t click!
  • Never act until you are sure! Call the sender before clicking a link.

Conduct an audit

Identify and address your risks before they become problems! By conducting an audit, you are learning where your vulnerabilities lie and the best strategies for data breach prevention.

  • What data do you have?
  • Where is it stored?
  • Do you need it all?
  • Who has access?
  • What are you doing to protect it?


Use the technology tools available to you.

  • Install an antivirus program on ALL of your devices.
  • Use a firewall and keep your router up to date.
  • Back up your data to an EHD or a cloud based app.
  • Use multi-factor authentication.
  • Use encryption for sensitive data transmission.

Be a Less Enticing Target

That’s a long list of “to do’s” to add to your already busy small business schedule!  I’m not suggesting you implement every single thing all at once. Maybe you tackle one data breach prevention strategy at a time and implement as you have the resources (time and money) to do so. Each step you take, is one step closer to having your data protected!

Will following the PROTECT PROTOCOL™ magically guarantee that cybercriminals will leave you alone and move onto the next target? Not necessarily. I can’t guarantee that. Nobody can.

But it will slow them down and make you a less enticing target.

And maybe save your business in the process.

If you would like to learn more about your legal obligations around data breach, hop back to this article!

If you are a small business owner in Pennsylvania or Maryland and would like to be able to discuss data breach and many other small business concerns with a small business attorney for a flat monthly rate, check out our Business Counsel Membership!

©2024 Cheri D. Andrews, Esq. This material is informational only and does not constitute legal advice. This material does not create an attorney-client relationship between Cheri D. Andrew, Esq and the reader. Recipient should consult with counsel before taking any actions based on the information contained within this material.

Data Breach Requirements for Small Business


Cyber liability insurance