With Gartner reporting product improvement and technology as the biggest-rising priorities for CEOs in 2017, its clear businesses of all sizes are thinking about how they can prepare for a digital tomorrow. Changing the face of all organisations as we know it, rising technologies such as cloud, IoT, AI and others are shaking up the playing field and shaping the digital agenda. With large corporations investing a lot of money to embrace this change, the pressure is on small and medium-sized enterprises (SMEs) to not get left behind, which could mean being susceptible to cyber criminals.
Making up 99 per cent of all private sector businesses, SMEs are a key to the UK’s economy, driving growth and ensuring employment. Even more impressive – the combined annual turnover of SMEs last year was over £1.8 trillion, almost half (47 per cent) of all private sector turnover in the UK. However, to continue this growth, SMEs need to keep up with the pace technology is moving at. For example, the constant advances in technology has meant businesses of all sizes now have access to a surplus of data. And when used correctly, this information can not only be used to understand customers better – therefore, creating more targeted campaigns – but also to develop holistic business strategies.
However, it’s important to remember that holding data comes with great responsibility to keep it secure, and with the current and constant threat of cyber criminals looming, it has never been harder to protect your business.
Revealing the scale of the problem, a staggering 71 percent of SMEs suffered some kind of security breach in 2016. Despite this vulnerability, many are still not effectively protecting their data from future attacks. And with next year’s EU GDPR regulation coming into play, it’s time for SMEs with sensitive personal or financial data in their possession to start implementing internal protection against threats.
No matter their size, we understand that small businesses need to take proactive steps to protect their assets from cyber criminals. Here are five tips to doing just this.
Awareness starts with a conversation
As we know from the recent attacks in the UK, the constant threat we face every day is the possibility of an attack by cyber criminals. The changing nature of today’s workforce means people are now expected to be more productive on the move – accessing files from outside the office – and BYOD has led to more data-producing devices accessing the network. All this amplifies the risk of cyber crime.
To encourage proactivity, SMEs should establish workshops to discuss how they manage and secure their data, what their environment consists of and how they thinking about cyber security within their practice area. To quickly show weaknesses in systems and gaps in knowledge, having conversations about what they consider as critical data and what makes up good password practices is an effective place to start.
Embrace the cloud
By 2020, the number of internet-connected things is predicted to reach over 50 billion devices. Right now, most Internet of Things (IoT) smart devices aren’t in your home or on your phone, they are in factories, businesses and healthcare. But what does this mean for SMEs? Consider each device as a doorway into your company’s network. The more devices that are bought and used in the workplace, the more opportunities and ‘doorways’ open to malicious attackers.
Once you’ve done this, it’s wise to put in place a secure back up plan in the cloud. By saving and securing data across multiple locations will ensure your business is not a victim of ransomware. This is especially important as this is where online criminals will successfully infect your system and take data hostage.
Get your encryption right
Of course, prevention is one of the fronts where the cyber security battle rages on. For small businesses, having the right encryption is a big part of building a solid online fort to keep hackers out. A good starting point is by encrypting at an individual level, what’s incoming and outgoing, as well as the data behind the firewall. Auditing protocol plays an important role in encryption.
Identify where the value lies
If you don’t know what is in your safe, what’s the point of having one? Every business will have something that people want, whether it’s customer data sets, financial information or connectivity to larger organisations. Businesses of all sizes should locate and identify where their value resides, control the flow of access to this information and create a more robust security strategy around this.
By keeping your small business updated and ahead of cyber criminals, subscribing to groups like Cyber Thread Alliance will ensure you have the protection you need to assets. These sorts of groups help business understand what’s flowing into, what already exists and what may be flowing out of your environment.
Let service applications be your shield
From helping secure data hatches when it comes to monitoring the flow of data through mobile devices, to watching how the information is passed through office printers (an office tool not usually associated with data theft), small businesses should not overlook service as a security application.
Rob Ashworth is SMB director at Insight UK.