When we think of online safety and the threat of illegal hacking we think of high profile cases like Sony’s recent troubles on the PlayStation network where thousands of customers’ credit card details were compromised, or blockbuster films where our hero has to fend off cybercriminals to save the day, deactivate that bomb and protect the innocent before he can ride off into the sunset with the girl of his dreams.
However, cybercrime is very real – in fact, it’s a multi-trillion dollar international enterprise and something that companies of all sizes need to take as a serious concern.
Criminal hackers see SMEs as an easy target
Small businesses are a high risk group for cybercrime as they are even more reliant on emerging online technologies which in turn makes them more susceptible to cyber-attacks.
Cyber criminals are not picky choosers and will go after any business that stores their data in an electronic format. They don’t care that you’re not the biggest fish in the pond, they care about a quick scam.
The number of cases of small businesses affected by cybercrime is also increasing due to the fact that cyber criminals can hack into a small business a lot quicker compared to the many obstacles they would face targeting a major corporation with a well-structured security system.
Research by Verizon and the US Secret Service released figures in 2010 that showed cyber-attacks on companies with 100 or fewer employees in the US were at 761, 63% of the total cybercrime cases handled that year. That’s up from 141 attacks in 2009, when attacks on small businesses accounted for just 27% of cybercrime attacks.
The challenge for small business owners
Many small and medium enterprises (SMEs) have a limited budget and not many will have resource for a dedicated IT team, leaving them generally weaker than a larger business and a more attractive target for online crooks.
What’s more, a small business will feel the effects of a security breach so much more. Losing customer trust, a delay in delivering on business promises or the high cost of tightening up security will have a serious impact on the bottom line for a small business.
The weak link in the security chain
Whereas a large business will have strict HR policies about data protection, IT teams, security systems and staff training, a small businesses security policy is only as secure as the staff who apply it.
All it takes for a cyber criminal to access important information is to convince one not-so-tech-savvy staff member that they are providing tech support and need to access their systems and passwords. Sometimes just one weak link in the chain is all that’s needed.
Without proactive security systems in place, small businesses often don’t find out there is a problem until the damage has been done and the hackers have long since moved on to their next victim.
Even when systems are being monitored many ‘crackers’, a term for hackers who use their knowledge of hacking for illegal activity and personal gain, have a way of covering their tracks to make it look as though it’s business as usual. It’s the equivalent of that trick you see in the movies where the bad guys record mundane security footage and play it back through the system while robbing the bank.
A little less conversation, a little more action!
Big or small, businesses need to take online security seriously and the good news is that there are lots of steps small businesses can take to improve online security.
Management need to develop a culture of security where employees follow identity checks before revealing even the most harmless personal information about their colleagues, or admitting non-staff into office buildings, no matter how convincing their story may be.
IT staff, or the designated IT pro, should regularly change passwords, turn on firewalls, and keep antivirus software up to date to avoid exploitation of company systems.
Sensitive files should be encrypted and any files not frequently in use should be taken offline and placed in backup storage.
More tips for small businesses
If you’d like to read more advice on online safety for small businesses, check out our latest Online Safety Series fact sheet.