Are You Kiddin' Me?, General, Security, Software
December 9, 2006
The Small Business Technology Institute and Symantec joined forces in 2005 to study the network security of 1,000 small businesses. The results are pretty bad.
Good news, bad news – ready? Here we go:
Good news: According to the study, about 70% of small businesses feel that securing their data is a high priority and a little over 80% are confident in the current measures they take to provide security. Awesome!
Bad news: 56% of these small businesses had at least one security incident in the past year. Even more disturbing, many still had not taken steps to protect themselves and their data from future attacks 8o. About 20% didn’t even scan incoming email for viruses. More than 60% had not secured their wireless network with even the most basic encryption. Not good.
These small businesses could be the corner hardware store where you buy a ladder, the little gift shop you visit while on vacation or the mechanic who fixes your car. These are the types of businesses interviewed in this study. After you give them your credit card, do you know where that number goes? Is this small business’ network secure? Do they have a firewall in place with up-to-date anti-virus?
Let’s say their network was hacked and you suddenly became a victim of ID theft. Do you think that this small business has the resources to remedy that problem? Would they even know that they were hacked? Or would you be the first to find out after you saw odd charges on your credit card and started getting phone calls from bill collectors?
This report shows that many small businesses do not understand how much damage can be caused by information security incidents. It also shows that many aren’t educated about cyberthreats and have fail to adequately invest in security. This means they are the easy targets for hackers.
Larger companies have made big strides in security and that has made them harder targets for hackers. So, when one target proves too difficult, a hacker simply moves to an easier target.
Every business should have AT LEAST the most basic security in place: anti-virus software, a firewall, anti-spyware software, and anti-phishing software on all computer systems. Many of these measures are available for free and so there really is no excuse for not having them in place. Here are a few resources to check out:
Free Anti-virus:
Free Online Scanners:
Free Firewall:
I certainly am not against small business – heck, I own a small business. But, one serious security incident involving private data will knock the feet out of any small business. So, if you fit the descriptions of some of the small businesses in the “Bad News” section above, take some time to investigate the free software I listed. If you have the budget for it, look into purchasing a more robust security option. Ultimately, it is for your protection and the protection of your customers.