Four reasons IT security shouldn't fill SMEs with dread
6 min read
06 November 2015
Most people will have seen some high-profile security breaches in the news recently, but ask yourself – how many SME security incidents can you name?
The number is likely to be small. Does this mean smaller businesses are immune to threats?
Far from it.
The 2014 UK Cyber Security Report found 60 per cent of SMEs had fallen victim to an incident in the past year. Furthermore, the UK has lost a staggering £4.3bn to digital crime in 2014. Many expect this figure to keep rising for some time.
Remember, the risks from lax security are not just financial loss or reputational damage. They can include client loss, extortion, compliance issues and other damaging outcomes.
Traditionally, most SMEs have lacked both the technical understanding and focus to make security a priority, but this has started to change. Driven by easy-to-deploy, affordable cloud solutions, businesses of all sizes are rethinking their security.
This includes an often forgotten subset of IT – Apple Macs. Recent figures showed Mac OS X’s share of the market had reached roughly eight per cent; therefore, companies running Apple’s operating system need to think as much about security as their Windows counterparts – they are no longer an ignored minority.
Additionally, because protecting business data spans more than just anti-malware, businesses of all PC types should consider the range of defences at their disposal.
There are many solutions that make managing this process easier, however, below are some basic tips for every business owner to consider.
1. Strengthen everyone’s passwords
Each of us likes to save time, but it is concerning that this trait continues to apply to internet and device passwords. For example, a recent study showed that ‘123456’ is still the most popular password, with ‘password’ in second place.
Passwords are the first step to securing your business data. Including numbers and symbols should be a bare minimum. The phrase should be highly unique to the user, and that doesn’t mean a birth year or location.
An even better option is mobile authentication, which many online services have started to use.
Also, try not to use one password for multiple accounts, because if one is compromised it could provide the hacker with a direct route into every business account.
Read more on IT security:
- What really happened to TalkTalk – and how your firm can avoid falling trap to a similar scam
- Women urged to join fight against cyber crime and protect UK firms
- Government to unite 50 young British cyber security experts from 13 UK universities
2. Update your software when prompted
It might seem like a distraction, but always update your software when you are prompted. Browser updates often contain critical security patches against vulnerabilities. Updates generally download in the background and most only take a few minutes to install.
Understandably, expecting staff to manage this process can be a lot to ask because of their busy schedules, while updating a large number of computers can take up your own time. That is why many businesses look to cloud security solutions to ease the burden of managing multiple computers.
Continue reading on page two for how you can protect staff from themselves and why knowledge is power.
3. Protect your staff from themselves
One of the largest risks to a business is an individual’s lapse in judgement. They might access a slightly unscrupulous site during work hours or when working from home, or click on a malicious link on a social network they frequent.
Monitoring staff browsing behaviour no longer requires complex IT solutions or a great deal of time.
Most SME security suites will provide you with dashboards and graphs of top-line computer usage, as well as granular data to drill down into when you require it.
Just because you cannot see poor practices happening in the office, does not necessarily mean your employees are not putting your business at risk through misguided internet usage.
4. Knowledge is power
Finally, one of the simplest ways to protect your business from security breaches is to improve your team’s knowledge. Holding one-on-one sessions and group meetings will help your employees to stay vigilant and to be kept abreast of the latest security threats.
Ensure policies are in place so people know what they are able to do on the business network.
With some helpful guidance for your staff, a little perseverance and a suite of easy-to-use management tools supporting your efforts, IT security can be a lot easier than you might think.