Did you know that small and medium-sized businesses are perfect targets for cyber criminals? While data is data and criminals will try to gain access to it regardless of the size of the organization, the SME crowd is a perfect target because they tend to be less secure and because automation allows modern cyber criminals to mass-produce attacks for little investment.
According to Symantec (News - Alert), 52.4 percent of spear phishing attacks -- carried out using fake emails -- targeted SMEs, with November showing a massive spike. In 2015, Kaspersky Lab’s survey said small businesses have shelled out an average of $38,000 to recover from a single data breach. The amount was significantly higher when indirect expenses and damage to reputation were taken into consideration.
Small businesses also conduct more business online via cloud services that don’t use strong encryption technology. To a hacker, that means access to sensitive data behind a door with an easy lock to pick.
These staggering statistics are precisely why experts agree that SMEs need to put cyber security at the tops of their lists in terms of priorities. As cyber attacks evolve, so must our defenses. Today's security architecture must be agile, flexible and deeply integrated, and SMEs need to keep up with the times.
The best course of action is having a plan, which includes a multi-pronged approach to protecting and defending your data.
Simple measures, like updating passwords and login details, are a good starting point. By changing your login details regularly, you can cut down your chances of being a target of cybercrime. Don’t discount firewalls, either. Always be sure to activate your firewall settings. Furthermore, installing anti-virus and anti-spyware software will protect your computer from various forms of malware, viruses, Trojan horses and other malicious software used to obtain your personal details.
Small businesses that rely on social media for customer interactions should pay close attention to what’s going on and where. Check your security settings. Be careful what information you post online, and don’t click on links that look suspicious.
If you employ a mobile workforce, always check that devices are secure. By activating the built-in security features you can avoid any access to personal details. Never store passwords, PINs and even your own address on any mobile device. Consider investing in a mobile device management solution as well. This will help protect devices and data as your workforce is out and about in the field.
Also, remote workers should never log into corporate accounts from an airport, hotel lobby, coffee shop or other public space that offers free Wi-Fi. Resist the temptation to log in until you're home or in your office.
Remember, cybercriminals are creative, changing methods as companies and banks find ways to prevent attacks. Your staff will be your first line of defense against fraud, so it is important that they are well educated on your IT and security policies. Keep your business protected with small, actionable items and keep security at the top of your list.
Edited by Rory J. Thompson