Here’s why SMEs should be wary of information security

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://ventureburn.com/2015/09/heres-why-smes-should-be-wary-of-information-security/

If you run a small business, you may think that data breaches and
cybercrime are concerns mostly for big banks, retailers and telecoms
companies. But in the worst case scenario, a data breach or a loss of
customer information can be expensive to rectify, result in your business
losing customers, and hurt your company’s reputation for years to come.

Not just for big firms

Even though headlines about data breaches and losses focus on big companies
like Sony and Dropbox, small businesses are not immune.  The UK’s
Federation of Small Businesses found that 41% of SMEs in that country
suffered from cybercrime last year. Though there’s a shortage of similar
research for South Africa, our stats are likely to be in the same ballpark.

Small companies are, if anything, more vulnerable than larger counterparts
because their defences tend to be weaker. They don’t have the IT
specialists or budgets of larger companies, so their information security
is often more basic. Yet their customer data or access to their online
banking systems are nonetheless lucrative targets for today’s highly
motivated cybercriminals.

SMEs are likely to become even more attractive as targets as a spate of
recent high-profile data breaches prompt bigger companies to redouble their
security efforts. Thus, small companies must take firm steps to protect
their businesses, especially with laws such as POPI compelling them to
safeguard the processing, usage and handling of sensitive customer
information.

A technical and financial challenge

For many small companies, this sounds daunting as they do not have the
technical expertise or the budget to build an effective on-site security
and backup solution. This is where cloud computing can be hugely valuable,
due to its ability to offer any organisation top-of-the-line protection.

Credible cloud providers’ offers strong security measures to give firms
peace of mind. The companies that provide cloud solutions have bullet-proof
security in place because they serve thousands of clients who trust them to
keep their data safe. Thus, they are able to invest in the sort of high-end
information infrastructure and processes that no SME can afford.

Get up and running with data backups

Another key advantage of cloud services is that if a business does
encounter data loss or breaches, it will be able to access backups stored
in the cloud to immediately get up and running again, minimising any
disruption to services and ensuring downtime doesn’t cost the company money.

Of course, it’s also important to follow common-sense precautions to
protect your information. Use anti-malware software on your computers.
Ensure that access to your devices and online services are protected by
strong passwords.

Encrypt any sensitive data you must store on a device’s hard drive or flash
memory. And educate your end-users about the importance following these
simple policies as well as the dangers that phishing, malware, and other
security threats pose to your business.

You wouldn’t leave your business premises unlocked overnight so that
thieves can walk in and help themselves to your assets. Don’t leave a
virtual door open for them, either. After all, your online banking logins,
customer data, and good reputation are some of the most valuable things
that your small business owns.

Protect them with care.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!