Published:
03/17/2011 02:33pm
Small Office Security is No Small Task
Small Office Security is No Small Task
Cybercriminals Are Targeting Those Least-Equipped to Defend Themselves
By Gary Mullen, vice president of corporate marketing, Kaspersky Lab Americas
Web-powered office and communication technologies have revolutionized small businesses over the past decade. The Internet has helped level the playing field, and enabled the 4.7 million businesses in the U.S. with 10 employees or fewer to compete with the ‘big guys’ for customers worldwide. But the technology that allows these organizations to flourish also carries inherent security risks, and these small offices are most vulnerable. In a five-person business, there’s often no dedicated IT manager. That means these small offices are equipped with sophisticated technology, but lack the manpower and expertise to secure and manage it all.
Like all predators, cybercriminals gravitate towards the weakest targets. With an arsenal of easily-distributed malware at their fingertips, hackers can easily target small offices with malware that can wipe out your machines, steal the financial data of your customers, or worse, hijack your bank transactions. In fact, the number of cyber-attacks that specifically target small offices has grown steadily each year. Larger businesses have the money and resources to secure their systems proactively, and to repair the damage to their systems and reputations in the event of a malware infection. But for a fledgling business, an incident like this could push it into financial ruin.
The right security software can effectively protect you from most of these threats, but a little common-sense goes a long way towards creating secure business practices. Here are five tips to consider when thinking about the security of your business and data.
1) Educate Your Workforce
Make sure your employees know a simple fact: no business is ‘too small’ to be targeted by cybercrime. Set clear expectations with your employees that you expect them to conduct their online work with the utmost vigilance and sensitivity to anything that appears suspicious or inappropriate for the workplace. There are a number of news services that provide easy to read overviews of daily security headlines to keep your employees informed – www.Threatpost.com is a great place to start.
2) Loose Clicks Sink Ships
It’s a sad truth – the majority of cyber-incidents can be traced back to a single mistake made by an unsuspecting person. Social networks like Linked-In, Twitter and Facebook can be fantastic ways to connect with customers, but they are a breeding ground for malware as well. Be sure your employees know not to install unknown applications or open suspicious URLs while building your company’s online presence.
3) Close Vulnerabilities
No matter what kind of security software or policies you have in place, your business will be vulnerable if you’re running software that lacks the latest updates, or using web browsers that are years out-of-date. Third-party applications, Adobe for example, are targeted much more frequently than the computer’s Windows operating system, so make sure your workforce is equipped with current software, and ensure they understand the importance of accepting software updates when prompted.
4) Backup, Backup, Backup
…and then Backup some more. The time you spend setting up a data backup system is a pittance compared to the monumental hassle of retrieving data from a broken hard-drive on an employee laptop. Whenever possible, set your backups to run automatically, instead of relying on employees to manually backup their work. You can backup to protected storage drive in your office, or even to a cloud-based storage system.
5) Make Sure the Cure isn’t Worse than the Problem
I hope it’s clear from this article that you need security software in your small office, but make sure you install the right solution. Too often, very-small businesses will purchase software designed for much larger enterprises, and then struggle to install and manage it