Having an advanced knowledge of threats to enterprise information is a good starting point for companies looking to secure and protect their data. However, a false sense of security may lead many small businesses to overlook this critical step.
The problem is that many small- and medium-sized businesses don't view themselves as a target of cybercrime or as being particularly vulnerable to data breaches, according to a recent report from Business Insider. They may think criminals are more apt to go after the larger fish, but the truth is that any company, no matter the size or industry, is a potential target of data security threats.
"Hackers and thieves go for the small players because they are the ones who have lesser investments, and they know that these people do not put their business’ security on the top," Roman Ray of Smallbiztechnology.com wrote for Business Insider.
That point was proven earlier this year with the release of Javelin Research's 2011 Small Business Owners Identity Fraud Report. Specifically, the research focused on the effects data security incidents had on the revenues and retention rates of small businesses.
Last year, according to Javelin, small businesses lost a total of $8 billion to fraud. And while banks, merchants and other stakeholders made up for more than $5.4 billion of such losses, the cost to victims still totaled more than $2.6 billion.
"[Small business owners (SMBOs)] face significant financial losses as well as other issues as a result of fraud," Javelin senior analyst for risk, fraud and security Philip Blank said. "SMBOs have higher legal costs and longer time frames for resolution of fraud than consumers."
Of course, there are data security measures that small businesses can take in order to protect their assets and customers. Business Insider's report identified several effective practices that can be implemented at little cost.
"Remember that as a small business owner, it is important to always stay alert and be vigilant of your surroundings and of your co-workers. As they always say, it's better be safe than be sorry," Ray wrote.
Among the most obvious is the need to protect hardware and enterprise networks. Since this is where most data activity takes place, a small business will want to deploy measures that keep intruders out while also having the ability to identify that an incident has occurred. The quicker an issue is the spotted, the faster it can be resolved.
Security policies and procedures are also a must for small businesses, according to Business Insider. It's one thing to implement security measures, but another to utilize them. With a policy in place, employees will have a reference for what should be taking place to protect the company's information.
Finally, companies should always ensure that employees are trained on the latest threats to data security. According to the report, a well-informed workforce will be better equipped to spot security risks and be better able to avoid them before the issue mushrooms into a larger problem.
In addition to security at the office, small businesses are now also tasked with protecting employees who work remotely. Mobility is a practice taking hold for many SMBs and also serves as another area that must be considered for data security measures.
The recently released Common Sense Guide to Working on the Move added several tips focused on remote workers. Most importantly, employees must be mindful of their mobile working habits. For example, passwords should be used to protect all devices – including smartphones, tablets and laptops – according to the report, and only trusted Wi-Fi networks should be used.
Data Security News from SimplySecurity.com by Trend Micro