Skip to content

Why SMEs need better cyber security

Let’s be honest. In many cases, cyber security for small business often stops installing the paid version of antivirus software in your laptops. The argument for this approach goes something like this:

“It’s too expensive to get proper IT support: besides, nothing bad will happen to me anyway.”

But in the last year alone, ransomware attacks have grown by almost 500%. Smart home gadgets on the Internet of Things (IoT)* were found to make up 96% of all vulnerabilities, while the number of malicious or unwanted applications grew by 320%. And with so many people working from home via their own wi fi, smart TVs have also proven to be particularly vulnerable.

The truth is that small business owners are often more at risk of cyber attack because they are not as secure as larger organisations. And cybercriminals tend to follow the path of least resistance.

Of course, the irony is that SMEs find it more difficult to recover from a severe cyberattack once it occurs. The smaller the company, the fewer resources they can put into data backup and recovery if there’s a breach.

The reality of cyber security for small businesses

When you fall victim to cybercrime, the consequences often reach beyond the expectations of many small organisations.

There is the inevitable disruption to your business caused by parts of your system going down. Perhaps you’ll need to recover data. If it’s ransomware, you might be forced to pay to have sensitive information decrypted. But there’s no guarantee that the cybercriminals will actually do it. They may have stolen your data for their own nefarious ends. Or they might be scamming you out of money.

You may have to notify any affected parties about the loss of personal data, which can have a long-term impact on your reputation. You’ll also have to tell the Information Commissioner’s Office, which supervises data protection in the UK. They can then take your equipment away as part of their investigation – which means more disruption. And if they find negligence or malicious behaviour, you could face a hefty fine or even jail time.

One SME owner told me that after they had suffered a security breach, they ended up losing one of their most valuable staff members. She was under so much stress as a result of the cyberattack that she left her job.

Reducing the cyber threat to small organisations

Cyber security is not an IT problem. It is an organisational one. And there are several steps you can take that are both cost-effective and protect your business from cyber attack.

Firstly, you need to have a proper, physical firewall device installed in your network. This is not the same as having antivirus software on your computer. Frankly, not having a smart firewall device in your businesses is like not having a front door on your house. It doesn’t just stop malicious actors from hacking into your system. Your firewall device will track all the traffic on your network and make sure devices aren’t being hijacked.

You also need to segregate your Wi-Fi into at least two separate zones. Keep one reserved for guests, visitors, sales reps etc., while having a separate network for the rest of your office. A password should protect both with a minimum of 20 random characters. Because there are bots out there that can crack anything less in about 8 minutes. Other tactics include whitelisting, meaning you can physically identify and restrict the devices allowed to connect.

But your ability to reduce the risk of a data breach requires a LOT. By that, I mean it needs a layered approach consisting of Legal, Organisational and Technical protection.

For more on this, download our Cyber Security Booklet today. 

Learn more about how you can make the most cloud services to support, enhance or protect your IT infrastructure. Contact us for a free trial or demonstration.

*IoT devices are devices that connect to the network but without the benefit of either an operating system or an antivirus. On the home front, these could include smartwatches, fitness bracelets, doorbells, fridge cams, medical devices etc. In the work environment, security cameras, printers, production line sensors, and instrumentation. As these devices become more popular, they have equally become more and more of a security risk.

The new reality of remote working

The last 12 months have redefined how most businesses operate. For many organisations, remote working solutions went from ‘nice-to-have’ to ‘adapt-or-perish.’ But even as the world begins to return to some kind of normality, the benefits of having a more remote workforce remain very real. As a result, the vast majority of employers are considering a hybrid of working from home and the office.

And it’s no wonder. Because with a properly optimised remote working model, employers can:

Of course, Zoom fatigue is still very much a thing. And no one is suggesting that businesses need to switch to a completely remote workforce. But the reason these numbers are so strong is that many employees say the option of working from home helps them:

So how can you help your employees (and your business) thrive in a more normalised remote working future?

Protect your business with a hosted desktop

As an employer, you need to accept the fact that remote employees will connect to your business via a much less secure means. Whether it’s via an unsecured Wi-Fi network or a personal laptop, the risk of a cyberattack can significantly increase. So allowing direct remote access to your server is a big no-no.

A cloud-based hosted desktop service such as Citrix offers a secure virtual environment that your company has full control over. Employees can log in from any device on any network, but all activity is hosted, monitored and limited to the cloud. No data can be viewed or transferred to the physical device, and access comes with powerful encryption and a secure login feature.

These are essential for things like GDPR compliance. So you can reassure both your customers and the Information Commissioner’s Office that your sensitive data is secure.

Improve your resilience and disaster recovery

In addition to improving your resilience to cyberattack, a cloud-hosted desktop is important for maintaining business continuity. It means everything is hosted away from your physical location. So if your office goes offline for any reason, like a power outage or flood, your employees can switch to remote working.

And if a security incident does happen – you have the ability to bounce back quickly. Few SMEs have the kind of failover and redundancy capabilities offered by cloud-hosted services. These terms refer to the amount of equipment that backs up the smooth running of your service. Simply put: if something fails or is subject to a cyberattack, you can get back online with minimal time and effort.

Remote working solutions to cut costs and grow flexibility

When delivered as a managed service, hosted desktops like Citrix can significantly improve your experience as a remote employer. Apart from the obvious cost savings in terms of real estate, heating and consumables, it can help in other ways.

By removing the need for a physical office, you have a wider talent pool to recruit from. This is useful if you’re based in London. There, hiring someone with the same skills could cost around 40% more than in the rest of the country.

But it’s also possible to integrate features like VoIP and call recording into your Citrix environment, so employees can still use their office phones. As part of a managed service, you can get access to a free firewall, antivirus and monitoring software. And it can ensure your employees’ devices are more secure by forcing Windows updates.

Learn more about how you can make the most of cloud services to support, enhance or protect your IT infrastructure. Contact us for a free trial or demonstration.

Few would deny the advantages of business continuity planning (BCP). There are plenty of business continuity benefits for your organisation. The most important being greater integrity, security, speed and reputation when a crisis plays Jenga with your business model. (more…)