Over the last few years, the threat to small and medium businesses around data protection has increased dramatically.
Organised Cyber Crime groups and dishonest individuals are targeting small & medium businesses with far more energy than ever before. We routinely see organisations data put at risk via Crytpo Viruses, Hacked Email Accounts, and Spyware that sits in the background causing all number of issues.
The risk of loss of business information and reputation has never been higher.
The need for SMB’s to pay attention to this threat and take the required actions, implementing the ‘IT basics’ is now a necessity. The trend towards targeting SMB’s has been acknowledged by the Australian Government introducing legislation known as the Notifable Data Breach Scheme. This requires businesses with a turnover of $3million or more to notify the Australian Information Commissioner where personally identifiable data has been breached and there is a likely hood of serious harm.
We find that many SMB’s don’t take steps to protect themselves or other parties information they are holding for one of four false reasons:
- You are too small for anyone to bother about or to be appealing. – Cyber Crime Groups often won’t select your business by name or size to try and breach you. But they cast their net far and wide using a plethora of intelligent tools, tricks and vulnerabilities, scanning the internet, looking for businesses that are not prepared. We call it the ‘opportunistic hack’. That’s how they find you, breach your organisation, and by then it’s too late.
- You don’t have anything worth stealing. – It’s more likely that you underestimate the value of your assets, software systems, IP or other people’s data that you are holding. For a Cyber Crime group, it’s worth stealing or encrypting your financial data/IP/or company documents if you are going to pay them to get it back, or it can be used to get access to further systems.
- You have nothing to lose. – This one perplexes us, it’s tough enough just being in business, we know of very few businesses that have ‘Nothing to lose’.
- You think you have a Backup. – A backup alone, is only the beginning when it comes to protecting your organisations data. And thinking you have a backup and knowing that you have a backup strategy that can withstand some of the most common types of threats are two very different things.
To help you understand the steps that you should be taking to minimise your risk, we have put together our recommended IT Basics for Small & Medium business. Please review the pages that are applicable to you to understand how prepared you are.
- On-Premise IT Recommendations (when your running your own servers on premise)
- Cloud Hosted IT Recommendations (when you are running virtual cloud servers)
- IT Maintenance & Monitoring Recommendations
- Office 365 Security Recommendations