Protect your business online
Business data breach and theft
A data breach happens when unauthorised people access or disclose sensitive, confidential or otherwise protected data. This may include personal information, financial records, trade secrets or intellectual property.
Data theft specifically involves stealing digital information to misuse, sell or publicly expose it. Both threaten your business reputation, finances and legal standing.
Impact of data breach or theft
Data breaches or theft affect businesses differently, but common consequences include:
- financial loss
- reputational damage
- business disruption
- fines or legal action if you fail to protect data properly
Read more about the impact of cyber attack on your business.
Data can be lost or stolen through:
- unauthorised access to IT systems and networks
- theft of property or equipment from your premises
- transporting data externally via unsecured devices
- poor data protection processes and staff mistakes, with or without intent
How to prevent data breach
To protect your business data, you should think about:
- where and how you store it
- how you secure it (both physically and electronically)
- who can access it
- how that access is managed (eg individual devices)
Back up your data
You should back up your important data regularly and store it securely off-site. For added protection, you can use data loss prevention software to:
- disable USB ports
- monitor copying of files to storage media
- prevent users from transferring the data altogether
Read the National Cyber Security Centre's (NCSC) detailed guidance on the importance of backing up your data.
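A backup only protects you if the copy is complete and intact when you need it. The script below is an added example, not code from this page or from the NCSC: it builds a SHA-256 manifest of the live data and of the backup copy and reports files that are missing from the backup, files whose contents differ (a partial or corrupted copy), and files present only in the backup. The sample folders it creates are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each relative file path under root to its SHA-256 hash."""
    return {
        str(path.relative_to(root)).replace(os.sep, "/"): sha256_file(path)
        for path in sorted(root.rglob("*"))
        if path.is_file()
    }


def verify_backup(source: Path, backup: Path) -> dict:
    """Compare a backup copy against the live data it is meant to protect."""
    live, copy = build_manifest(source), build_manifest(backup)
    return {
        # In the live data but never copied: a restore would lose these.
        "missing": sorted(name for name in live if name not in copy),
        # Copied, but the content no longer matches: partial write or corruption.
        "corrupt": sorted(name for name in live if name in copy and live[name] != copy[name]),
        # Only in the backup: stale files that should be reviewed before a restore.
        "extra": sorted(name for name in copy if name not in live),
    }


def demo() -> dict:
    """Constructed sample: one file missing from the backup, one silently truncated."""
    with tempfile.TemporaryDirectory() as tmp:
        live, copy = Path(tmp, "live"), Path(tmp, "backup")
        for folder in (live / "accounts", copy / "accounts"):
            folder.mkdir(parents=True)
        (live / "accounts" / "ledger.csv").write_text("date,amount\n2024-01-01,100\n")
        (live / "customers.txt").write_text("alice,bob\n")
        (live / "policy.pdf").write_bytes(b"%PDF-1.4 constructed sample")
        (copy / "accounts" / "ledger.csv").write_text("date,amount\n2024-01-01,100\n")
        (copy / "customers.txt").write_text("alice\n")  # truncated copy
        # policy.pdf was never written to the backup
        return verify_backup(live, copy)


if __name__ == "__main__":
    for category, names in demo().items():
        print(f"{category}: {names}")
```

Run the check after each backup job and treat any entry under "missing" or "corrupt" as a failed backup; an off-site copy that has never been verified is not a backup you can rely on.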
Create an asset register
As part of your security measures, you should create an asset register taking into account all hardware and software, including your server equipment. Determine which assets are at risk from cyber attack and record all the relevant details. Audit the register regularly to ensure that equipment is accounted for, and that the information is safe and secure.
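Auditing the register regularly means checking it for gaps as well as confirming that equipment exists. The script below is an added example, not code from this page: it reads a small asset register in CSV form and flags assets with no owner, assets whose last audit is older than a set number of days, and assets that hold sensitive data without encryption. The register contents and column names are constructed for the demonstration.

```python
import csv
import io
from datetime import date

# Constructed sample register; the columns and rows are not from the page.
REGISTER_CSV = """asset_id,type,description,owner,holds_sensitive_data,encrypted,last_audit
HW-001,laptop,Finance laptop,j.smith,yes,yes,2024-05-10
HW-002,laptop,Sales laptop,,yes,no,2023-11-02
HW-003,server,File server,it-team,yes,yes,2024-05-01
SW-001,software,Accounts package v3,finance,yes,n/a,2024-05-01
HW-004,usb,Backup USB drive,it-team,yes,no,2024-05-01
"""


def load_register(text: str) -> list:
    """Parse the CSV register into a list of row dictionaries."""
    return list(csv.DictReader(io.StringIO(text)))


def audit_register(rows: list, today: date, max_age_days: int = 180) -> list:
    """Return (asset_id, finding) pairs for every control gap in the register."""
    findings = []
    for row in rows:
        asset = row["asset_id"]
        # Every asset needs someone accountable for it.
        if not row["owner"].strip():
            findings.append((asset, "no owner recorded"))
        # Assets not seen recently may be lost, stolen or quietly retired.
        last_audit = date.fromisoformat(row["last_audit"])
        age = (today - last_audit).days
        if age > max_age_days:
            findings.append((asset, f"last audited {age} days ago"))
        # Sensitive data on an unencrypted device is exposed if the device goes missing.
        if row["holds_sensitive_data"] == "yes" and row["encrypted"] == "no":
            findings.append((asset, "sensitive data stored unencrypted"))
    return findings


def run_audit(today: date = date(2024, 6, 1)) -> list:
    """Audit the constructed sample register as of the given date."""
    return audit_register(load_register(REGISTER_CSV), today)


if __name__ == "__main__":
    for asset_id, finding in run_audit():
        print(f"{asset_id}: {finding}")
```

The threshold of 180 days is a placeholder; choose an audit interval that matches how often equipment moves in your business, and record the outcome of each audit in the register itself.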
If your data is stolen - how to deal with a data breach
If you think data has been stolen, or your business has been exposed to fraud, act quickly to:
- prevent the data breach from continuing
- discover the extent of the damage
- clean up the damage
Your incident response will depend on the circumstances. You may need to take specific advice from the police or legal advisors, but generally speaking, you should:
- report the incident to the relevant authority
- inform your bank
- check bank accounts for unexplained transactions
- check for any unexpected account activity
- review your credit position
- get IT security support if needed to investigate the breach or help you recover from the breach
Find out how to develop a cyber security incident response plan.
The NCSC provides incident management guidance and an 'Exercise in a Box' online cyber exercising tool to help businesses detect, respond to and resolve cyber incidents. Further guidance is available in their small business guide to response and recovery.
Reporting a data breach
As part of managing the incident, you may need to let people or organisations know about the security breach. You may need to notify:
- the regulators, if the breach is significant or if you've failed to comply with data protection legislation
- individuals or groups whose personal data has been compromised
- relevant industry bodies, eg in the financial or telecommunications sector
Different agencies have different remits in terms of investigating and assisting with cases of online fraud, data breaches and cyber crime. Find out how to report a cyber crime.
Under the UK General Data Protection Regulation (UK GDPR), you must report a serious personal data breach to the Information Commissioner's Office if the breach is likely to result in a risk to people's rights and freedoms.