One of the biggest worries for small business owners is often how secure their customers’ data is. Business owners know they need that data for a variety of reasons, including processing payments. At the same time, though, they also know that any breach of data could result in customers never coming back, at the very least. In the most severe cases, it could also result in bankruptcy and even legal trouble. Here are the top 5 vulnerabilities to look out for, and how to prevent a leak.

5. Employees’ Mobile Devices

Chances are, you don’t have the capital to buy phones, tablets and/or laptops for every employee. As such, they likely use their own devices at work to access customer data. That data could be compromised much more easily than it would on devices that are used and stay in the building. If your employees use their own devices for work, make sure you have a strict protocol in place for security, and your employees understand the risk. You can also use mobile device management solutions to heighten security.

4. Third-Party Service Providers

Using any sort of third-party provider can bring a wealth of problems, if that provider is not highly secured. Many small business owners, for example, may choose to outsource payroll services overseas to cut costs. But even seemingly unrelated services, such as a bean provider for a coffee shop, can pose a risk due to the virtual paper trail left behind. Make sure anyone you do business with is reputable and has good cyber-security measures in place. Also make sure your providers don’t have access to more data than they need, and only have that access at certain times.

3. Cloud Storage

Cloud storage is becoming increasingly popular for small businesses, as it allows you to access your information from anywhere. But, cloud storage is also a popular target for attacks, as users typically use fewer security measures on those accounts.  If you are going to use cloud storage, make sure your provider encrypts all of your data. Also use dual-factor authentication to make it much harder for an unauthorized person to gain access.

2. Hacker Attacks

Though much less common than other breach risks on the list, malicious attacks are a concern for small businesses. Perhaps the most common hacking tactic is phishing, in which a seemingly innocent email is sent that requests your personal information. Often, these look like they are from a bank or other institution. Or, you may accidentally download malware, which attacks your hard drive and steals information from it. Regardless, make sure you have a strong firewall and other security features. Change your passwords every now and again, and never click on any links from people you don’t know.

1. Your Own Employees

There is no easier way for data to be breached than by those who already have access to it. Though this is sometimes done maliciously, more often than not data is leaked by employees on accident. If your employees handle customer data, make sure they follow strict protocols to avoid breaches. Check accounts monthly for any irregularities or suspicious behavior on accounts. If you have to terminate an employee, make sure they don’t have access to any data — this should be done immediately after or even just prior to their termination.