How to Protect Your Contract Data from Hackers

With big names like Target, Home Depot, and Neiman Marcus making recent headlines, it may seem like only big corporations are victims of data breaches. For every breach at a major corporation, there are many more at mid-size and large enterprises. The reality is that no enterprise is immune to malicious hackers.

The cost of data breaches is high, about $188,000 on average. While business owners in the retail industry pay an average of $78 per stolen record, those in the healthcare and finance industries pay $233 and $215 per stolen record, respectively. Some U.S. companies have to pay penalties up to $246 per compromised record. Here are some strategies to increase the security of your contract data from hackers.

1. Develop a Security Plan

Only 38% of companies have a security strategy to protect its IT infrastructure. When grouped by company size, the smaller the company the smaller that percentage. Hackers target smaller business because those businesses are not equipped to handle or detect cyber threats. The main goal of a hacker is to use the small business as a front to conduct attacks on bigger corporations. This is a technique known as a “watering hole.

This is why you need to provide your IT staff enough time and resources to develop and implement a security strategy. If your in-house team doesn’t have to expertise, then you need to make the investment and hire IT security experts.

2. Upgrade Software

With tight budgets, upgrading to newer versions of software may sound like an expensive proposition. However, you should take into account the opportunity cost of the increased exposure to cyber threats. For example, Microsoft ended support for Windows XP and Office 2003 in April 8th, 2014. If you continue to use this over 12-year old operating system, your business is exposed to these potential risks:

  • Without support from Microsoft, Windows XP no longer receives necessary patches and updates to protect data from viruses, spyware, and other malicious software.
  • Depending on your industry, your enterprise may be regulated by standard such as HIPAA, which require you to meet certain minimum requirements. Under most cases, Windows XP no longer meets minimum security requirements.
  • Companies become locked-in to certain vendors and their prices, because those vendors are the only ones that provide support to an outdated platform.

3. Leverage Your Company’s Firewall

Some companies are hesitant to take advantage of the Cloud because they fear that this lowers their level of security. Fortunately, it is possible to securely deploy cloud-based applications by leveraging your firewall.  For example, a contract management software can be installed within the your IT Web Environment – behind your firewall. This approach ensures you can leverage important data from any location using a standard web browser.

This solution is ideal for companies requiring a secure application environment which users may be required to access from multiple locations via the Internet. Since the system is entirely web-based, users can reliably access your information from anywhere across your enterprise via standard Internet connection or via VPN.

A major advantage of this approach is that your enterprise gets the best from both worlds. On the one hand, it leverages your company’s secure firewall to protect your data. On the other, the service provider automatically implements the necessary patches and updates so that you don’t run into a scenario, such as the one with Windows XP.

4. Use Stronger Passwords

This is by far the easiest and more cost effective measure to implement of all. About 76% of attacks on corporate networks are due to weak passwords. Whether your contract management system is deployed on premise, through the Web, or entirely as a Software-as-a-Service, your staff needs to have good password practices. Just like you invest in hardware and software, you need to invest in security training. At the core of IT security is having strong passwords.

Microsoft provides 6 rules for creating strong passwords:

  • Create a password that is at least 8 characters long,
  • Don’t use your name, last name, or company name,
  • Avoid spelling entire words,
  • Never use previous passwords, and
  • Use a mix of uppercase and lowercase characters, numbers, and symbols.


Security breaches take their toll on your company profits, morale, and reputation. That’s why it’s critical that you take steps to protect your contract data. Some good practices are to develop an IT security plan, upgrade software as necessary, leverage your corporate firewall, and use stronger passwords.