With massive data breaches making headlines on a regular basis, it’s hard to ignore the fact that data security is becoming increasingly important. Unfortunately, there are still far too many SMBs that don’t understand just how serious the threat is—and that can be dangerous.
The IT Security Threat to SMBs
Recent research demonstrates that the growing cyber security threat isn’t a trend that only affects big, national companies. It’s just as serious—if not more damaging—for small businesses to not be prepared, because data breaches and cyber attacks are real possibilities for them.
According to Ponemon Institute’s 2017 State of Cybersecurity, cyber attacks affected 61 percent of SMBs in the past 12 months, and the number of data breaches reported each year continues to climb.
If that’s not alarming enough, on average, these companies lost more than 9,350 individual records as the result of a breach.
Educating Yourself and Your Employees
Knowing what you’re up against is half the battle. If you own a small- to medium-sized business, you need to learn and be aware of current cyber threats, so you can fully protect your organisation. It’s also crucial to share relevant cyber security information with your employees, so they understand their part in helping keep the company safe.
Security is all about protecting data and preventing data loss, which used to only mean protecting your data from natural disasters and general user error. But now cyber security is an even bigger threat to companies than ever before, and you need to make sure you’re adequately prepared to deal with it, if it does happen.
The preventive steps you take can mean all the difference to the survival of your organisation.
Bad habits are hard to break, and that’s especially true when it comes to small businesses and cyber security. After all, it’s easy to think “that will never happen to me,” and let things slide, but this could end up creating real security problems that can be difficult to overcome.
Here are a few common errors you should try to avoid:
1. The Post-It Full of Passwords
Take a walk around the office and you’ll likely find at least a few desks with Post-It notes full of passwords stuck to the bottom of a computer monitor. Yes, it’s convenient, but it also provides easy access to sensitive information to people who shouldn’t have it—like disgruntled employees or a thief during a break-in.
The Fix: Explain to your employees why this is a bad idea, and give them some ideas on how to manage passwords safely. It might also be worth investing in a password manager site or app that stores encrypted passwords online. This can be a real lifesaver if your organisation tends to work with many websites and applications.
2. Outdated Operating Systems
Technology plays an important role in every business, but it’s often not the priority. That’s how things like updating operating systems slip through the cracks or get ignored until they become a serious security threat. For example, do you still have systems running on Windows XP or Windows Server 2003? Failing to update your operating system can be a serious security vulnerability, making you at greater risk of more advanced cyber threats.
The Fix: If you’re still running outdated operating systems, it’s time to transition to something more secure. A managed service provider can help you migrate your current system to a more secure platform, keeping track of critical updates and patches going forward so your system always stays up-to-date and continues to run smoothly.
3. Non-Existent or Old Security Software
Just because you’ve invested in a firewall or installed antivirus software does not mean your system protection should end there. If you don’t keep up with software updates and patches consistently, you aren’t nearly as secure as you think.
The Fix: Find out if you have the subscriptions and updates you need to keep your firewall and antivirus software as updated and as secure as possible. Many security apps come with a free trial period that is set to expire. Failing to get a subscription after can put you at risk. It’s also a good idea to reach out to a managed service provider who can oversee your security software and ensure you always have the latest version going forward.
4. Old Employees Still Having Access
Lax password policies and passwords that don’t expire create another security concern for SMBs. If you don’t set passwords to expire regularly, there’s a good chance a number of former employees still have access to your system. That doesn’t necessarily mean any of them will do something malicious, but why take the risk?
The Fix: Set up a solid password policy, and have passwords expire every 90 days. Yes, employees might think it’s a hassle at first, but the improved security will be worth it. While you’re at it, teach your employees the best practices for choosing a strong password that’s easy to remember but hard to guess.
How Lanrex Can Help
With as high as 81% of all cyber security breaches happening to SMBs, you need a managed service provider like Lanrex who can help you identify risks to your business, guide you in creating an effective cyber security strategy and be with you step by step to help you respond and recover.
Contact us to find out more about Lanrex’s cyber security solutions and how these can help you grow your business securely.