Will small businesses ever catch up with large enterprises when it comes to IT security? Eddy Willems, security evangelist at G Data suggests they can and will and offers five tips on how they can do just that.
In today's tough economic climate with budgets and resources tight as ever, small business owners are deprioritising security, when they should be focusing on it. For the majority of small firms there are two ways to tackle IT security; manage it yourself or outsource the task to a consultancy. Regardless of your choice, it is vital to understand the importance of a centralised managed system.
Scenario: Let's say, for example, you own a business with 10 employees who all started at different times, all using different security programs, all expiring on different dates, and all offering different services. What happens if one computers licence expires and it gets hacked? This could have a crippling effect on the rest of the business.
The key is to have centrally managed system, which is installed on every machine and not just the server. It can then be controlled and monitored from one place, whether that be internally or externally. If externally, you need to ensure your consultant has a robust system in place to manage security and certainly don't assume that this is the case.
Once you have installed a centralised management system, it is important not to forget to install something on the gateway such as a firewall. Many small businesses assume they are not large enough to be the victim of a cyber-attack but nothing could be further from the truth. Small businesses are often targeted more than large businesses, as it can be easier to get in due to their lack of comprehensive security systems.
Scenario: So your business is relatively small, but your portfolio includes some large clients - not an uncommon situation. You don't have maximum protection on your email address book as this isn't as important as confidential company information. Wrong! A hacker could get into your email address book and automatically lift details of some very large organisations. Connections are one of the most common ways cyber-criminals attack large enterprises so you must ensure you have an effective firewall in place.
So you now have a comprehensive, centralised security system and an effective firewall. But small businesses also need to understand the importance of backup.
Scenario: You have malware on the network which is removed but when you go to access files on the server, they appear to be gone. Unless your server is backed up, you run the risk of losing critical company data. Backups should occur regularly and often.
Operating systems and anti-malware/virus products are not alone in the need for regular updates. Third party programs such as Adobe Acrobat Reader and Java also need updating. The dangers surrounding third party programs are often underestimated by small businesses, and if not updated, the company can be exposed to the latest threats.
It's often impossible to automate the update procedure, which means that the company itself has to take care of the updates from the third party programs when they are available. This will avoid the threats but it is not an easy task.
Lastly, like enterprises, an increasing amount of small businesses are introducing formal, written security policies, but is this enough?
Many large corporations offer training sessions for employees, but unfortunately many smaller companies don't have the resources to be able to do this. Nevertheless, employees need know and understand the company rules surrounding online behaviour.
These can be enforced by PolicyManager applications that are sometimes included in security software for businesses. This not only helps keeping the network clean of software, but also helps businesses raise their efficiency, for instance by limiting private use of the internet facilities at the office.
There is a huge misconception in the small business market that just because you are within a company, you automatically have protection. Don't let this assumption be the reason you get hacked! Another important point to remember is not to assume that free antivirus has all the necessary protection that a paid-for security package has. Of course, there is a huge cost benefit for businesses by getting it for free, but always make sure you are aware of the extent of the protection.
After implementing the basic level of protection, many small business owners don't look closely enough at security until they have to which is often too late. Viruses and cybercriminals are becoming more advanced by the day so don't make assumptions and don't become complacent. Remember that one cyber-attack has the potential to cripple a small business immediately.
To help you on your business journey, we've created Smarta Business Builder, the complete online tools package for growing your business. Website Builder, Business Plans, Accounting Software, Legal Documents and Email - all in one place - from just £20 per month with no contract! Try it out today.