Posts

3 things SMBs need to know about cybersecurity

If you run an SMB, cybersecurity should consistently weigh on your mind. Cybercriminals are extremely common these days, and fighting them off can be quite the challenge. In fact, the Duke University/CFO Magazine Global Business Outlook Survey found that more than 80 percent of companies in the U.S. have been hacked.

While this should make any company administrator worried, this is an especially frightening statistics for those that run SMBs. While larger organizations certainly receive more attention when they’re hacked, they also have the money and public image to bounce back when a data breach occurs. Smaller businesses, on the other hand, don’t have this luxury. A single hack can be a signal to your customers that you aren’t trustworthy, regardless of what actually happened during the hack.

With your entire business’ image on the line, it’s clear that cybersecurity needs to be a major focus n 2018. That said, this topic is so complex that finding a place to start can be difficult. Cybersecurity is vital, and not beefing up your protections simply because you don’t know where to begin is a bad idea. Therefore, let’s take a look at some of the most important areas of security today, as well as tips for SMBs to avoid these issues.

1. BYOD is vital, but it needs a security upgrade

If you run a small business, there’s a good chance you have a solid familiarity with the bring-your-own-device (BYOD) trend. This is where employees are encouraged to bring their own gadgets into the office for work-related purposes.

The benefits of such a system are obvious and very compelling for smaller organizations. The biggest of these is the cost advantages BYOD brings. The traditional model of getting devices into the hands of workers is to simply buy these devices, which can take a huge chunk out of your budget. However, by allowing workers to use their own tablets, smartphones and computers, SMBs can put the money they would have spent on gadgets toward objectives that can further the company’s success.

On top of the cost advantages, BYOD also allows for a level of familiarity that you won’t be able to produce with company-owned devices. According to a study from CIsco, U.S. employees that were allowed to use their own gadgets at work saved about 81 minutes every week. Clearly, BYOD allows for a big boost to productivity.

“There is a major drawback to BYOD in the form of cybersecurity.”

Despite all of these obvious benefits, there is a major drawback to BYOD in the form of cybersecurity. The issue is that most people simply don’t secure their own devices properly. While the lack of antimalware software on personal mobile devices is certainly an issue, the fact that many people don’t even use PINs to acces their phones is disturbing. If such a person were to lose their phone, quite literally any person that finds it would be able to access sensitive data.

While there are some clear downsides to BYOD, that doesn’t mean you shouldn’t allow for such a system within your company. You simply need to prepare your employees. This begins with some sort of meeting where teh security needs of the company are outlined. On top of that, it may be a good idea to install protective software on any device that has access to the company’s network and data.

2. Ransomware isn’t going away

In a similar vein, ransomware has also reared it’s ugly head and is making moves against SMBs. At its most basic, a ransomware attack is where the attacker encrypts a certain device or multiple devices on a network. The idea is that companies need constant access to the data contained on these gadgets, and that encrypting this information would be a major blow to operations. Therefore, the hacker is able to name his price in order to decrypt the captured data.

While this is a major issue for all the devices your company uses, one area you may want to focus on is how ransomware might affect your mobile infrastructure. Kaspersky Lab reported a 253 percent increase in ransomware attacks in Q1 2017 over the previous quarter. That’s an enormous uptick, and this is very clearly a mounting trend within the enterprise.

“Going after mobile devices simply makes sense to a ransomware hacker.”

Going after mobile devices simply makes sense to a ransomware hacker. Due to BYOD, these gadgets often contain incredibly important information, and companies can’t simply ignore how much data they contain. What’s more, smartphones and tablets often have a lower level of security than traditional computers, which is the perfect opportunity for a hacker to strike.

While the tips above can help prevent such an attack, an additional piece of advice is to back up every scrap of data that you consider important to the company. In fact, the 3-2-1 Backup technique is generally though of as the best way to protect data security from a ransomware attack. This is where you have three copies of a piece of data, kept on two different mediums with one of these mediums being kept offsite. By doing this, you can simply wipe any device hit by a ransomware attack without having to worry about losing precious information.

3. Social engineering should be your biggest concern

Social engineering is a topic we’ve touched on before, but its importance deserves constant attention, especially within smaller businesses. You can think of these attacks in the way you might think of a conman. They generally involve preying on people’s kindness in order to accomplish some sort of malicious task. For example, a hacker dressed up as a plumber might be able to talk a receptionist into letting him into a secure part of the building without clearance.

Are you sure you know who the plumber is? That handyman may not be who he says he is.

The reason this is such an issue for small businesses is that these organizations generally have a more neighborly feel to them. The entire point of hiring a small business is the friendly personal touch these companies can provide, which is a major selling point. However, this attribute can allow for hackers to get away with more than they would have if they’d attacked a larger organization.

The sad truth is that the only way to lower the threat of a social engineering attack is by hardening your employees to sob stories. Hackers will usually spin a yarn about how they lost their ID card or their login credentials, and this story is often convincing enough to get them everything they could ever want out of a company.

Therefore, organizations need to teach employees that being nice isn’t always the best thing to do. Losing login credentials may get a person in trouble, and its human nature to want to help someone in such a situation. However, doing so could be disastrous for the company.

At the end of the day, a company is really only as secure as you want it to be. You can purchase all kinds of cybersecurity software, but if you aren’t willing to take step to prevent an attack, you’re no more protected than someone who avoided these services. By increasing your knowledge and working to ensure your employees understand the importance of security, you can help keep your company’s data safe.

4 things SMBs can get out of working with a managed service provider

Managed service providers (MSPs) are booming these days. Organizations of all sizes are seeing their potential, but small and medium-sized businesses are really starting to understand the importance of MSPs. In fact, the market for these products is expected to reach $257.84 billion by 2022, according to Business Wire. That’s a compound annual growth rate of 11.1 percent compared to 2017’s market size of $152.45 billion.

Clearly, MSPs are providing a valuable service to their customers. However, many smaller institutions are still wary of investing in one. They don’t fully understand what outsourcing these duties can accomplish, and simply see the initial price as a deterrent.

That said, paying an MSP can actually end up saving money in the end if you use the services properly. To that end, let’s take a look at the top 4 reasons you should invest in an MSP today.

1. Improved security

“Cybersecurity is one of the biggest issues facing IT departments.”

If you aren’t worried about the safety of your company’s data, then you aren’t paying attention. Cybersecurity is one of the biggest issues facing IT departments, and for good reason. According to the Information Systems Audit and Control Association, there will be a shortage of 2 million security professionals by 2019.

If you operate an SMB, there’s a good chance your IT department is already limited. What’s more, there’s an even greater likelihood that you don’t have a dedicated cybersecurity employee on your payroll. This is a perfect example of what MSPs can bring to small businesses.

Due to the nature of the MSP business model, data security is of the highest priority. A company that loses control of this information will most likely be blacklisted by any prospective clients, and MSP administrators know this. Therefore, the level of security these organizations can provide is so much greater than anything your employees could ever devise.

This isn’t to say that your workers aren’t talented individuals. Rather, they simply don’t have the expertise necessary to ward off sophisticated attacks. You could hire a trained professional to do the job, but these people are incredibly expensive to hire and, as the above study shows, they’re hard to find. You’re simply better off spending your money with and MSP that can provide you a host of services on top of excellent security.

2. More robust disaster recovery

Disasters, whether they be natural or man made, absolutely terrify company administrators. In fact, the Red Cross has found that 94 percent of small business owners think such a catastrophe could ruin their organization within the next two years.

A tornado can ravage a company. A natural disaster can spell the end for a business.

Clearly, a lot of institutions simply aren’t ready for the worst. While there are many reasons behind this, the most important is the lack of a solid disaster recovery solution. These plans basically document what to do in the event of an emergency, going so far as to backup data and ensure the use of vital applications.

Sadly, most companies are completely unprepared when it comes to their disaster recovery solution. A study conducted by the Disaster Recovery Preparedness Council found that nearly three-quarters of companies are not ready to handle a catastrophe. While that’s certainly scary enough, the truly frightening part of this study was the level of testing done on these plans. Almost a quarter of respondents stated that they never test their plans, and nearly two-thirds admitted that they couldn’t pass their own tests.

This is an issue that can be easily solved by investing in a disaster recovery solution through an MSP. These organizations have highly trained staff who have seen all kinds of emergencies, and they can use these skills to help ensure the security of your company. What’s more, investing in an MSP disaster recovery solution generally comes with a data backup service. One of the keys of a robust plan is to store copies of data offsite in the event that your entire office is destroyed, and an MSP can help you accomplish this goal.

3. Freeing up of internal resources

In a similar vein, not having to assign employees to aspects like cybersecurity and disaster recovery allows them to work on projects that can actually help further your business. This is probably the most enticing benefit for the average IT worker, as these people are generally overworked.

In fact, a study from Robert Half Technology found that 43 percent of respondents believed their IT departments to be deeply or somewhat understaffed. This is a major issue, because overworked people tend to make mistakes. Therefore, relying on in-house solutions for disaster recovery, security and other areas both ties up current resources while also decreasing the overall effectiveness of what’s produced.

The sole focus of your company should be to make money, which means that internal IT teams need to focus on ways in which to improve current operations. Partnering with an experienced MSP simply frees these employees to work on projects that can further your organization’s success.

4. Better uptime

In the modern world, uptime is everything. Companies live and die on their abilities to provide digital services to their customers, and any disruption of this can be incredibly dangerous to the organization’s bottom line. According to Gartner, the average cost of downtime is about $5.600 every minute. That adds up to over $300,000 per hour, which very clearly illustrates just how serious this issue is.

However, the money you lose is only the tip of the iceberg. The real problem when it comes to downtime is the damage it can do to your customer-facing image. People have come to expect a lot of consistency when it comes to digital services, and this expectation is tied up in their opinion of an organization. Even a minor amount of downtime can forever change how a consumer views your product or services, and you may actually lose a customer for life.

Again, this is yet another area that MSPs excel in. An MSPs entire job is dependent on its ability to avoid downtime, which means they have a host of highly-sophisticated systems to sidestep the possibility of your customers not getting what they paid for. In fact, downtime is often seen as a breach of contract with an MSP, so these companies have a very real reason to do what they can to avoid it.

While these are only some of the ben
efits you can receive from an MSP, it can be easy to get lost in the number of companies who provide these services. Thankfully, you can find a strong partner in ISG Technology. We have years of experience helping companies succeed, and we’d be happy to give you everything here and more. If you’d like to hear more about us or our products, make sure to contact an ISG Technology representative today!