We live in a day and age where small businesses are today capable of competing with their once untouchable enterprise rivals. How is it possible? In a word, technology. So as the number of SMBs rise in Australia, so too does the risk of exposure to threats – as with all good, comes a counter balance. Fortunately there are ways to ensure the pros outweigh the cons, regardless of the size of your organisation.
The annual Internet Security Threat Report by Symantec tests the waters to see what threats cybercriminals are employing to steal your data, and this year’s report shows the broad spectrum of risks faced by SMBs. Here are some ways to keep your information safe from the latest threats.
1. Educate your users on targeted attacks
2011 has seen an increase in targeted attacks, with cybercriminals specifically targeting organisations using customised malware, as well as targeting employees through social engineering. While we typically see large enterprises in the news for data breaches caused by these attacks, a large number of them – 18 percent of all targeted attacks in fact – are directed at businesses with 250 or fewer employees.
To combat targeted attacks, educate users on the threat environment and direct them to avoid suspicious email and social media links, as well as email attachments from unknown sources. They should also exercise caution when sharing information through social networking.
2. Minimise mobile risks
Mobile devices such as smartphones and tablets are boosting productivity in SMBs around the world. Employees are able to access important information nearly anywhere, and for the most part there has been little danger in using these devices. But cybercriminals are finally starting to pay more attention to these tools, and developing malware to compromise these devices by tracking users and stealing the information on these devices. Mobile vulnerabilities rose by a staggering 93 percent in 2011.
Be sure to implement security technology on mobile devices, such as encryption of business information. Combine this with user policies such as mandating password protection and restricting application downloads to minimize exposure to risks while maintaining the productivity these devices provide.
3. Protecting information and customer trust
Data breaches were all too common last year, and the theft of identities continued to be a focus for hackers and cybercriminals. Hacking causes the most damage in these breaches, but loss or theft of devices is the most common cause.
Data breaches not only lead to financial damage, but they can affect customer trust, which is especially important for a small business to maintain. Data loss prevention technologies can help reduce the information lost in the event of a data breach, and help you identify business processes that need improvement.
4. Defending against malware
Whether in email or on websites, malware continues to be a concern for SMBs. Many legitimate websites have been compromised by malicious code to infect visitors to blogs, personal hosted sites and even business websites.
Strong endpoint protection, combining traditional antivirus/antimalware abilities with new reputation-based technology, should be used in conjunction with browser protection to prevent malware infection on your systems.
5. Create a comprehensive security plan
The Internet Security Threat Report paints a picture of threats surrounding us, and SMBs aren’t immune. But there’s no need to panic. Knowing the threats that are out there is key to developing an effective defence strategy. In addition to the tips above, here are a few more ways to sure up your defences:
- Employ multiple forms of protection, from endpoints to each level of your network, including firewalls, intrusion detection and gateway antivirus solutions
- Be sure you are monitoring your network, to identify potential attacks before you are compromised
- Implement intelligent security policies that require confidential information to be encrypted
- Restrict the use of portable file storage devices, such as external USB drives, that can unintentionally introduce malware into your systems
- Finally, be sure your security solutions and patches are kept up to date, to deal with emerging threats.