Small businesses can’t afford to become complacent about the safety of their data and business records. Threats from such “net nasties” as viruses, spyware and hackers are more serious than most business owners realize.
Microsoft recently conducted a survey that showed 27% of small businesses experienced virus prevention issues daily. Surprisingly, the survey also found that many small business owners believe they don’t have to worry much about security.
Kevin Burke, Microsoft Australia’s small business group Manager warns: “While small businesses might not be directly attacked as often as larger ones, they are often impacted by viruses, worms and identity theft issues such as those which try to harvest credit card numbers.”
Smaller enterprises simply don’t have the resources to go it alone when fighting potential security threats to their security. Their attention is naturally focused on the commercial side of their activities and most operate without a formal IT security strategy.
Protect What Matters Most
George Spafford, in an article titled “Sensible IT Security for Small Businesses” on the SmallBusinessComputing.com website, says:
“Understanding how much time and money to invest in security requires that you first determine what matters most to you. It may be customer design files, accounting data and so on. Don’t try to protect everything. It’s just not realistic; the focus should be on what matters most.
“Second, look at how these critical items are threatened. Engage vendors, consultants and colleagues to figure out the best layers of defense that will reduce the risk to an acceptable level in a cost-effective manner.
“Don’t try to eliminate risk entirely. Your goal should be to lower the risk to a point that you can live with it.”
New security issues arrive daily in the form of spyware and viruses, as well as through technology developments such as wireless networking. It’s essential that protection of a firm’s software and hardware is maintained at a high level by taking advantage of offering like Microsoft’s Windows XP Service Pack 2 launched in August, 2004.
Smaller Size Can be an Advantage
Microsoft senior product manager Ben English says that smaller companies are faster to upgrade their security functionalities than larger ones. Larger firms need to text compatibility with their existing systems while smaller users can just plug in the feature like XP’s inbuilt firewall and let it do its job.
English points out that it’s not possible to prevent someone in a company from downloading suspect attachments but it is possible to alert them to the potential danger of what they’re doing. “There is also an ongoing need for user education in Internet security”.
Use the Checklist
Microsoft has prepared a checklist for businesses that will help them establish a strategy to address their security concerns. It’s not complicated and can be used as the basis of a company policy on IT security.
1. Update your software. If there’s a patch or update available download and install it.
2. Ensure all hardware is protected against viruses.
3. Set up a firewall. It’s the best protection against hackers.
4. Tighten in-house security. Employees can be as big a threat as external hackers.
5. Strengthen passwords and change them regularly.
6. Back up critical data regularly and store off-site.
7. Embrace smart web browsing; don’t visit dangerous sites and never browse from a server.
8. Safeguard vulnerable wireless networks; using encryption is recommended.
9. Connect remote users securely. Their level of security protection should be as high as any other user’s.
10. Lock down all servers and protect the network.
George Sluz, group product manager for the Symantec Gateway Security Series at Symantec Corporation, tells us why all this effort is needed and why the business owner must drive the security process.
“The Internet is vital to today’s small business. Unfortunately, the dangers posed by viruses and hackers can jeopardize privacy and productivity and erode customer trust.
“In an ideal world, small businesses would have around-the-clock network protection from an experienced Information Technology (IT) team. In reality, the small business owner faces 24/7 confusion and worry about a network attack because he or she is the IT team.”
Copyright 2005, RAN ONE Inc. All rights reserved. Reprinted with permission from www.ranone.com.