With a new study finding more than 78 per cent of organisations have suffered from at least one data breach over the past two years, Trend Micro has nominated five data security risks SME owners need to be aware of.
A newly released Trend Micro-sponsored Ponemon Institute study has found more than 78 per cent of organisations have suffered from at least one data breach over the past two years. Trend Micro says that, based on estimates, cybercriminals steal as much as US$1 billion a year from SMEs in the US and Europe alone, resulting in business owners often facing the inevitable task of recreating lost data from scratch and leaving their reputation harmed in the eyes of their customers. Here are five security risks that SMEs need to keep on top of, according to Trend Micro.
1. Employee negligence puts an organisation at risk.
A company’s greatest asset – its employees – can also be its weakest link, especially in an era wherein mobility and accessibility play a huge role in enhancing productivity.
2. SMEs aren’t protected enough
The study found that the majority of SMEs said that, in general, they can’t do enough to protect their data using the measures and technologies they currently implement. Most SMEs also doubt their organisations’ capability to thwart advanced persistent threats (APTs) or hack attacks, especially since detection or discovery of data breaches among SMEs mostly occurs accidentally.
3. Employee mobility may prove disastrous
Research shows that 56 per cent of employees very frequently or frequently stored sensitive data on their laptops, smartphones, tablets, and other mobile devices, where there is more than a 50 per cent chance that confidential information can land in the wrong hands should they lose these devices.
4. SMEs fail to routinely back up data
Less than 50 per cent of SMEs routinely back up data. This, along with risky employee behaviours, lack of adequate security protection, and various other threats to data, is putting them at great risk.
5. SMEs do not enforce data security policies
SMEs run the risk of losing data, employee productivity, revenue, and their reputation with the exponentially increasing number of data breaches. While technologies are important in data protection, properly managing the “human factor” is just as important.
Here’s six ways Trend Micro says SME owners can protect their assets and data from breaches.
Close your organisation’s doors to malware
Installing and using effective anti-malware solutions in systems and devices that contain or have access to sensitive information is important. Just as you would never leave your house’s doors open at night or when you’re not at home, your company’s doors should also never be left unguarded.
Stress how important protecting data is
Inform your employees and other insiders about your company’s security policies. Stress the personal and business consequences of not protecting their mobile devices, systems, storage devices, and the confidential data these contain from loss or theft.
Don’t let social networking endanger your network
Teach your employees how dangerous oversharing in social networking sites can be. Even if you cannot stop them from sharing information in social media, you can opt to limit the amount of time they spend on these sites while at work to lessen the chances of your company’s security perimeter from being breached.
Think of passwords as keys
The stronger the passwords to accounts are, the harder they are to crack. Keep in mind that without the right keys in hand, malicious insiders and outsiders alike will have a much harder time getting to your company’s crown jewels.
Patch holes in your organisation’s walls
Identify which information is critical, who could and should be able to access it, then investigate the best ways to protect it. Like holes or cracks in walls, areas where your company data is most vulnerable can cause your security perimeter to crumble.
Knowing is half the battle
Tell your employees that although losing unencrypted and improperly protected data stored in mobile devices may get them into trouble, failing to report such incidents is worse. This does not only put them but also their colleagues, customers, and the entire organisation at great risk.
Follow @mybusinessau on Twitter for breaking stories throughout the day.