One of the major myths surrounding cyber security is that smaller and medium size businesses are not as much at risk of falling prey to cyberthreat as the larger enterprise.
In fact, according to Verizon’s 2018 Data Breach Investigations Report, small businesses account for 58 percent of malware attack victims, with cyber criminals scaling their attacks to hit hundreds and thousands of businesses for the same amount of effort they’d put into attacking one big company.
SMBs are often seen as easy targets as they tend to have weaker security as a result of believing to be less at risk. But, they’re also doing more business than ever online, and often using services that don’t incorporate strong encryption data.
Cybercrime can cause major damage – to reputation and financially. Information Age’s article cites the 2018 Cisco SMB cybersecurity paper Cyber security and small and medium-sized companies: how they can defend themselves in 2019 as the Cybercrime menace grows, reporting 54 percent of cyber-attacks resulting in financial damage exceeding $500,000.
"But, there are a number of tools and services available to help improve security,” says Oliver Moazzezi, Solutions Architect at Cobweb, “and that will not adversely affect productivity – another security myth floating around."
- Identity and Access Management ensures that only those with relevant authentication can access data and services.
- Websites and email security offerings use cloud-based gateways to prevent malware reaching your business’s systems.
- Backup and recovery services ensure that data is saved and available should the worst happen, and the business suffer an attack.
- Endpoint security safeguards devices connected to your network – any of which could be compromised.
Oliver Moazzezi, continues, "Cyber security is not a nice-to-have. It should form an essential component part of any business’s IT network, and so we’ve put together a guide to how as a SMB you can make your business secure in the cloud - and remain productive.
"At Cobweb, we have the following recommendations for security planning. First of all, detail the main threats to your business.
"Secondly, create and enforce a password compliance policy - and if you or any of your users have ‘qwerty’, ‘1234567’, or ‘iloveyou’ (yes, really) as a password, now would be a good time to change and apply that password policy, as these appear in the 2018 top 10 worst passwords to use.
"And, finally, be aware of GDPR and compliance requirements."