Top IT Security Bloggers

Keeping your small business secure



Web-security-stock

In a previous blog, we explained how it's not only large businesses that are affected by evolving security threats – small businesses are becoming increasingly prone to attacks. With this in mind, here are our next set of tips for combatting cybercrime:



  1. All information has a value – Never assume that you are not a target; it might not necessarily be your bank details they are after. Consider your intellectual property, such as product roadmaps, competitive bids and pricing information. These need as much protection as your customer details and credit card information has.

  2. Remember the old, as well as the new – No matter how much research and advice you are given on new threats, it doesn’t mean the old ones have gone away. Traditional anti-malware technologies still play an important part in reducing your security risks.

  3. Education is key – Remember the importance of educating your whole team, from the CEO to the cleaner. For example, simple things like plugging in a USB found in the car park or opening an attachment from someone you don’t know could spell disaster if they bring in a virus or information-stealing advanced persistent threat (APT). If people are not aware of these concerns they won’t change their behaviour, leaving the company vulnerable to the simplest of attacks.

  4. Data loss prevention – Solutions are affordable, even for small businesses. Essentially they prevent the critical information inside your organisation from leaking to the outside world. You wouldn’t leave your front door unlocked if you were going out for the day, so why do the same to your business?

  5. Unmanaged doesn’t have to mean uncontrolled – Many employees now bring their own devices to the workplace, so introduce ‘bring your own device' (BYOD) policies to ensure that your corporate information is safe. For example if corporate email is made available on the device, insist there is a password and where possible encrypt and segregate the information. Reinforce the policies with a security gateway, protecting you and your network from threats inside and outside the business.


So, ignore security at your peril: changing working practices requires changing security policies. Don’t forget that whilst there are many new threats, there are also plenty of organisations you can turn to for advice – your security provider to start with, but also associations such as the Information Systems Security Association. All of these can provide valuable information when it comes to keeping your company and its information secure.


Guy Bunker





Permalink

| Leave a comment  »

Read the full article