Helping SMEs safeguard their business against cyber-attacks

We’re all well-versed on how rising technologies such as cloud, IoT, AI and others are changing the face of organisations as we know it. As they continue to define the digital agenda, it’s no surprise to hear that product improvement and technology were revealed as the biggest-rising priorities for CEOs this year. 

Although it’s promising to see businesses consider how they can prepare for a digital tomorrow, implementing an IT infrastructure of this magnitude doesn’t come without time, money and knowledge. Whilst large enterprises have the means to invest these resources, small-and-medium enterprises (SMEs) struggle to know where their capital is best placed. Intensifying this struggle, is the pressure on SMEs to secure their place in the digital tomorrow, or risk getting left behind. 

Making up 99 per cent of all private sector businesses, SMEs are key to our economy, driving growth and ensuring employment in a turbulent market. With a combined annual turnover of over £1.8 trillion, almost half (47 per cent) of all private sector turnover in the UK, it’s never been more vital for SMEs to keep up with the pace of technology in order to continue this growth.  

The SME challenge 

There’s no silver bullet, but one rich resource that has become accessible to organisations of all sizes is data. When used correctly, this information can be used to understand customers better, drive productivity and develop holistic business strategies. However, with the current and ongoing threat of cyber-attacks looming, organisations have a great responsibility to keep all this data secure. 

Despite this vulnerability, many are still not effectively protecting their data from future attacks. It was – after all - Lloyds which revealed that despite 97 per cent of UK firms having experienced a data breach in the last five years, over half (57 per cent) admitted to knowing little or nothing about the new EU General Data Protection Regulation (GDPR) which is set to come into effect next May. 

With a staggering 71 per cent of SME’s suffering some kind of security breach in 2016, SMEs with sensitive personal or financial data in their possession need to make sure internal protection against these threats is number one on their agenda. 

But where should SMEs start? Here are five tips for helping small businesses taking proactive steps towards protecting their assets from cyber-criminals:  

1.       Raise awareness with a simple conversation  
 

Made clear from the latest cyber-attacks, the simple truth is that without secure systems in place, there is a constant threat we should expect to see surface more regularly. With a move towards a more flexible and agile working environment, employees are expected to be more productive on the move – meaning access to company files isn’t just limited to the office. Both this and an increasing soar in bring-your-own-device (BYOD) practices has led to more data-producing devices accessing the network. And what does that mean? A more open playing field for cyber-criminals.    

To quickly show weaknesses in systems and gaps in knowledge, having conversations about what is considered to be critical data and what makes up good password practices is an effective place to start. SMEs should look at establishing workshops to discuss how they manage and secure their data, what their environment consists of and how they thinking about cyber security within their practice area.

2.       Keep hackers out by building a solid online fort

As we know, prevention is one of the fronts where the cyber security battle rages on. That’s why having the right encryption is a big part of building a solid online fort to keep hackers out. A good starting point is to encrypt at an individual level, what’s incoming and outgoing, as well as the data behind the Firewall. Auditing protocol plays an important role in encryption.  

3.       Staying safe in the cloud  
 

Right now, most Internet of Things (IoT) smart devices are in factories, businesses and healthcare. But by 2020, the number of internet-connected things is predicted to reach over 50 billion devices, meaning we’ll see more IoT devices in our homes and phones. So what does this mean for SMEs?  SMEs should be cautious that each device is a doorway into your company’s network. The more devices that are bought and used in the workplace, the more opportunities and ‘doorways’ open to malicious attackers. 

To fully protect yourself, it’s wise to put in place a secure back up plan in the cloud. By saving and securing data across multiple locations will ensure your business is not a victim of ransomware. This is especially important as this is where online criminals will successfully infect your system and take data hostage. 

4.       Service applications come to the rescue  

From watching how information is passed through office printers (an office tool not usually associated with data theft) to helping secure data hatches when it comes to monitoring the flow of data through mobile devices, small businesses should not take for granted service as a security application.

5.       Time to pinpoint where the value lies

Every business will have something that cyber-criminals want, whether it’s customer data sets, financial information or connectivity to larger organisations. Organisations of all sizes should locate and identify where their value resides, control the flow of access to this information and create a more robust security strategy around this.

By keeping your small business updated and ahead of cyber criminals, subscribing to groups like Cyber Thread Alliance will ensure you have the protection you need to assets. These sorts of groups help business understand what’s flowing into, what already exists and what may be flowing out of your environment. 

Rob Ashworth, UK Hosting Solutions & SMB at Insight
Image source: Shutterstock/alexskopje