Advice for SMBs on simple but effective security and backup

Small and midsized businesses have a particularly challenging time protecting company data. They have many of the same security and backup challenges as large enterprises, but fewer resources in terms of funding, time and specialized expertise.

The stakes are high: Symantec’s State of Information Survey 2012 gathered information from more than 2,000 IT managers at companies with between five and 250 employees. Asked about the consequences of losing business data, the managers cited loss of customers (49%), brand damage (43%), increased expenses (41%) and decreased revenues (37%).The amount of data that businesses need to protect is also increasing rapidly. In the same survey, IT managers projected data stores at small and midsized businesses will grow 178% during the next year The good news is there are best practices that can help IT managers with limited resources protect their company data. This paper considers five essential do’s and don’ts:

1 Don’t  – Assume it can’t happen to you.

Some small business owners and IT managers assume that they are “too small to interest

hackers and cybercriminals.”

This is a dangerous assumption. Cybercriminals are increasingly focusing resources on SMBs,

and the motivation is obvious: These businesses manage substantial financial and other assets

but are typically more vulnerable than large enterprises. Also, smaller organizations often can

be the weak security link in supply chains of larger enterprises.

The evidence: One recent study found that 77% of the breaches investigated in 2012 occurred

at companies with 1,000 or fewer employees. What type of data was compromised most often at

these firms? According to the study: payment card numbers and data, authentication credentials,

copyrighted and trademarked material, medical records, classified information and bank account

numbers and information.

Many small business owners and IT managers also assume that “backup isn’t that important

for us; we can get away with very basic backup and recovery tools.” But complacency about data

backup is also ill-advised. The Symantec State of Information Survey found that 65% of small

and midsized businesses lost important business information in the past 12 months because

of human error, hardware or software failure, and lost or stolen mobile devices.