As the risk of successful cyber security attacks continually increase, many small business owners are still unaware of simple precautions that can save them a great deal of time and grief from a successful attack. Information Technology (IT) security for small business has been a hot topic this year as more and more small businesses are succumbing to hack attempts.
However, a recent survey conducted by McAfee and Office Depot showed that 66 percent of small and medium sized businesses surveyed felt that their data was secure and safe from hackers. In addition, 77 percent of respondents noted that they had not been hacked. Within the same survey, 80 percent of the respondents admitted to not using data protection. Only about 50 percent noted that they were using e-mail and Internet security measures. The most surprising of results however showed that 14 percent of respondents said they had not implemented any security measures within their IT environments.
As a result of our continued work with small and medium sized businesses, Global Shield IS (GSIS) has also noted that businesses with 1-50 employees tend to overlook simple IT security measures such as basic IT security awareness training, logical access controls and data encryption. With a little time and research, many of these measures can be implemented at little to no cost to the business. However, based on discussions, small business owners have no additional time or capacity to implement these security measures within their IT environments. They tend to generally focus on marketing, finance and overall expansion.
Although small and medium sized businesses tend to lack the resources to implement IT security programs within their businesses, the ever-growing threat of intrusions and theft of proprietary data increases day by day. These threats have the potential to disrupt and cripple small to medium sized businesses within hours, resulting in significant loss of data, revenue and worse of all, loss of returning customer business. Small business Chief Executive Officers (CEO) and Chief Financial Officers (CFO) should factor in a small budget to incorporate basic IT security measures that can close the most common vulnerabilities within their IT environments. CEOs and CFOs that do not understand IT Security should consult with an IT Security professional to help implement a progressive security plan.
 Office Depot Small Business Index Survey, September 2013