Not so long ago, SMBs looked at the role of IT only in the installation of computers and maintenance. Being IT savvy, keeping up with emerging trends etc was never a top priority .By stark contrast today, anyone owning, running or working in a small business must be as smart about IT as they are about business.
The internet forms an integral tool for conducting business today. As SMBs evaluate adoption of some technologies for various benefits, they need to be aware about not making mistakes that can affect the running of their business. This however, is easier said than done.
The security landscape is constantly changing, so the threats businesses face today are different from the threats of a year ago – or even six months ago.
The Symantec Internet Security Threat Report (ISTR) XVI reveals significant changes to the threat landscape in 2010, including an increase in volume and sophistication of threat activity; continued growth of social networking sites as an attack distribution platform; and a change in attackers’ infection tactics. In addition, the report explores how attackers are exhibiting a notable shift in focus toward mobile devices.
Some of the common security and data protection mistakes that small businesses make are: lack of proper security software and policies, not scheduling a regular data back-up, not having a disaster preparedness plan, falling for social media scams and not buying real software. Once small businesses recognize these common blunders, they need to know what steps that they would need to take to ensure that their company doesn’t fall victim to data loss.
Small businesses can easily avoid these mistakes by following these tips:
Secure vital data
Just One data breach could mean financial ruin for an SMB. Implement a complete security solution beyond just traditional antivirus to ensure proprietary information- whether it is credit card information, customer data, or employee records-is safe.
Critical information today lives beyond the walls of the traditional office on laptops and mobile devices. To ensure that it is protected, the focus must remain on the information as opposed to the device. Maintaining strong passwords will help protect the data stored on a laptop if a device is lost or hacked.
Encryption technology can also be exploited to prevent unauthorized access to the business network. Helping employees understand this is vital – especially since small businesses are becoming increasingly more mobile each year.
Act before disasters strike
Disasters can have a significant financial impact on SMBs. According to the Symantec 2011 SMB Disaster Preparedness Survey-India findings, though SMBs in India are at risk, they are still not making disaster preparedness a priority until they experience a disaster or data loss.
According to the survey findings, half of the SMBs that have implemented disaster preparedness plans did so after experiencing an outage or data loss. Fifty-four percent SMBs still take more than six months to implement a plan to deal with outages or disruptions related to computers or technology resources in their work infrastructure.
An outage that leaves your company without access to data for too long, will surely damage customer perception of your abilities and incline them to consider moving their business elsewhere.
Backup and recovery is a critical component of complete information protection to keep SMBs’ desktops, servers and applications running smoothly in case of disruption – whether it’s a flood, an earthquake, a virus or a system failure. Start mapping out a disaster preparedness plan today.
The plan should identify your critical resources, and should include using appropriate security and backup solutions to archive important files.
Back up important files
The Symantec 2011 SMB Disaster Preparedness Survey revealed that twenty-seven percent of respondents live in regions susceptible to natural disasters. The leading causes cited were cyber-attacks, power outages or natural disasters.
In fact, 77 per cent of SMBs said they would lose at least 50 percent of their data in the event of a disaster. Customer information, financial files, etc. should all be backed up in case of emergency.
If you need daily access to electronic information have it backed up in a way that you can retrieve it and get back to work. Even small, freak accidents like a virus, Trojan horse, or electrical fires could cost your business thousands without proper data backup.
Online storage, or cloud storage, is an affordable storage option that will keep your crucial files safe in an offsite location. By keeping your data backup offsite you can be rest assured your information will be safe if a disaster affects your work place.
Freedom from freeware
Small businesses typically look for the best deal in security software due to tight budgets. However, how does a small business owner explain to a customer that their personal data was breached due to the fact that the “free” security solution that the business installed didn’t protect them against the latest threat? SMBs need more than just a free basic antivirus – A complete security solution will protect your business from today’s complex threats.
Ensure employee awareness
Develop internet security guidelines and educate employees about internet safety, security, and the latest threats. Part of the training should focus on the importance of regularly changing passwords and protecting mobile devices.
Strong passwords must be mandatory having eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?).Employees should ideally change their passwords on a regular basis, at least every 90 days. The training should not fail to d emphasize the necessity to conduct social networking with care and caution. Don’t open unidentified links, chat with unknown people or visit unfamiliar sites.
Stay in tune and evolve
Outdated security solutions cannot stand a chance against the continuously evolving threats. Be aware about both new threats and take appropriate steps towards securing against it.
As a continuous practice it’s good to learn from your mistakes. If a virus penetrated your defenses, consider changing or enhancing your current security practices.
Ask yourself why your previous security measures weren’t effective. Did you need a firewall ?? Were you lax about updating virus definitions and security patches? Did you download files without scanning them first?
Now is an ideal time to comb through, edit, and reinforce your IT security policy, as you’ll need to shore up the holes in your security practices. After all, prevention is always the best form of security. Prevention is the key to being proactive.
In today’s business environment, your information runs your business. Consequently, how you protect it, manage it, and put it to work is the key to business success. By taking a systematic approach towards IT security and data protection, small businesses can save time and money in the future and, ultimately, maintain business continuity.