The recent and embarrassingly public rash of security breaches at large companies has brought into sharp focus the vulnerability at the enterprise level for data loss. Target, Home Depot and Sony are perhaps the biggest names among dozens of companies who have all lost billions of dollars and suffered significant publicity problems as a result. However, the common consensus among small businesses we talk to seems to be “Yeah, but that’s Target, nobody cares about our data.”
Consider TechRepublics comments on the 2013 edition of Verizons’ Data Breach Investigations Report (DBIR):
“When discussing the importance of information security we’ve probably heard excuses such as “we’re too small to be a target” or “we don’t have anything of value”, but if there’s anything this report can teach us, is that breaches can and do occur in organizations of all sizes across a large number of industries.”
In fact, according the The Guardian “Information Security Breaches Survey 2014” 60% of all small businesses had a security breach in the previous year. And “10% of organizations that suffered a breach in the last year were so badly damaged by the attack that they had to change the nature of their business.”
So how can a small business with a limited budget protect themselves? There are several simple steps that every company should take to ensure they mitigate their risk, and more importantly, show anyone who asked that they have given thoughtful consideration to their data. Here are the three simplest and most pragmatic ways to help your company limit its risk.
Firewall: A firewall is the gateway to your environment. Think of it like a moat around your castle. It actively runs software 24/7 that inspects every data packet entering (and in many cases leaving) your network. It automatically filters viruses and malware, it can block content that is known to carry threats, and it prevents intrusions. They can be purchased as a capital expense or as a monthly operating expense.
Patches: Microsoft, Adobe, Java and nearly all of the big players in software have large teams dedicated to creating fixes that prevent threats by literally “patching” holes in their code that could allow malicious threats into an environment.
Antivirus and Anti-malware software: It sounds obvious, and yet in a McAfee global study in 2012, it was found that 1 out of 6 computers does not have current antivirus software. Of these a large percentage use freeware, which is significantly less effective than a paid version.
In security, your best defense is a good offense. Call us today for a free security assessment.