Today is a golden age for small businesses. Never before could an SMB do business with anyone, in any part of the world, so easily. Making all of this possible, of course, is the Internet. But there is a downside to this. The connectivity that lets money in can let information out -– intellectual property, customer information and even financial data. One serious incident could ruin the business, so it’s vital to understand what cybercriminals are up to in order to prepare an effective defence.
When business information is on the line, your entire organisation is at risk, particularly as a small enterprise. Today SMBs do not hesitate in operating mobile offices as they find it cost-efficient and a significant contributor to business efficiency. The Bring-Your-Own-Device (BYOD) trend has seen increased adoption recently. Mobile devices have the potential to both supercharge and invade SMBs. Employees use these devices to surf the web, check emails, and access business critical applications and to be more productive, no matter their location. But this enhanced productivity comes with risks. According to a report on threats to internet security, mobile vulnerabilities increased by 93% in 2011. At the same time, there was a rise in threats targeting the Android operating system. So cybercriminals have started paying more attention to these mobile devices and developing malware to compromise these devices by tracking users and stealing their information.
As SMBs explore opportunities of the virtual world with different platforms, it is essential for them to be aware about the current internet threat environment. Adding to the woes of SMBs is cybercriminal’s platform-independent approach to attacks. Whether it’s a Mac OS or the Windows OS platform, cybercriminals are after business information. Latest ‘Flashback’ outbreak is a wake-up call for SMBs -– malware authors now consider Mac computers a viable battleground along with the Windows platform.
Information is the backbone for SMB segment. It is essential for them to protect this information regardless of where it resides -– on the road or in the office. They need to educate employees about the latest mobile threats and how to prevent them, while implementing technologies to manage and protect the increasing usage of mobile devices
What should small business owners be doing to protect their information from the latest threats? The answer is a combination of technology and policy.
- Deploy a reliable security solution throughout your organisation, on Mac and Windows endpoints. Today's security solutions do more than just prevent viruses. They scan files regularly for unusual changes in file size, programs that match the software's database of known malware, suspicious email attachments and other warning signs. It's the most important step small businesses can take towards keeping computers clean of malware.
- Keep your security software current and your OS and third-party applications updated with the latest patches. New viruses, worms, Trojan horses and other malware are born daily, and variations of them can slip by software that is not current.
- Develop security policies and educate employees about internet safety, security and the latest threats. Train your employees to be wary of email attachments, links from unknown sources, and unusual software update requests. Most infections can be prevented by adhering to organisational policy and exercising caution.
- Enforce strong password policies. Maintaining strong passwords will help you protect data stored on a laptop if a device is lost or hacked. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Have employees change their passwords on a regular basis, at least every 90 days.
- Implement encryption technologies on desktops, laptops and removable media. With encryption, your confidential information is protected from unauthorised access, providing strong security for intellectual property, customer and partner data.
Protecting information is more than implementing an antivirus solution. Backup and recovery is a critical component of complete information protection to keep small business desktops, servers and applications running smoothly in case of disruption – whether it’s a flood, an earthquake, a virus or a system failure. Just as the Internet is shrinking the world of business, allowing small organizations to connect with customers everywhere, is bringing security risks to SMBs. With security threats becoming more complex and targeting critical business information such as confidential documents and customer data, now is the time for small businesses to consider moving to a higher level of information protection. At the end of the day it’s all about business growth.
The author is Managing Director- Sales, India and SAARC, Symantec