Stay Secure My Friend... More Hackers Targeting SMBs
Stay Secure My Friend... More Hackers Targeting SMBs
Many SMBs don’t realize it, but the path to some grand cybercrime score of a lifetime may go right through their backdoor. SMBs are commonly vendors, suppliers, or service providers who work with much larger enterprises. Unfortunately, they may be unaware that this makes them a prime target for hackers. Worse yet, this may be costing them new business.
Larger companies likely have their security game in check, making it difficult for hackers to crack their data. They have both the financial resources and staffing power to stay on top of security practices. But smaller firms continue to lag when it comes to security. In many cases, the gateway to accessing a large company’s info and data is through the smaller company working with them. Exposed vulnerabilities in security can lead cybercriminals right to the larger corporation they’ve been after.
Cybercriminals Target Companies with 250 or Fewer Employees
Research is continuing to show that cybercriminals are increasingly targeting smaller businesses with 250 or fewer employees. Attacks aimed at this demographic practically doubled from the previous year. This news has made larger enterprises particularly careful about whom they do business with. This means that any SMB targeting high-end B2B clientele, or those seeking partnerships with large public or government entities, must be prepared to accurately answer questions pertaining to security. This requires an honest assessment of the processes taken to limit security risks.
View Security Measures as Investments
CEOs must start viewing any extra investment to enhance security as a competitive differentiator in attracting new business. Adopting the kind of security measures that large enterprises seek from third-party partners they agree to work with will inevitably pay off. The payoff will come by way of new revenue-generating business contracts that will likely surpass whatever was spent to improve security.
Would-be business partners have likely already asked for specifics about protecting the integrity of their data. Some larger entities require that SMBs complete a questionnaire addressing their security concerns. This kind of documentation can be legally binding so it’s important that answers aren’t fudged just to land new business. If you can’t answer "yes" to any question about security, find out what it takes to address that particular security concern.
Where a Managed Service Provider Comes In
Anyone who isn’t yet working with a Managed Service Provider (MSP) should consider it. First, a manual network and security assessment offers a third-party perspective that will uncover any potential business-killing security risks. A good MSP will produce a branded risk report to help you gain the confidence of prospects to win new business.
A MSP can properly manage key elements of a small company’s security plan. This includes administrative controls like documentation, security awareness training, and audits as well as technical controls like antivirus software, firewalls, patches, and intrusion prevention. Good management alone can eliminate most security vulnerabilities and improve security.
How the cloud saves smaller firms money OK. You pay someone to store all of your data in the cloud, as opposed to keeping it on your own server and backing it up. And you pay on an ongoing basis. How is that possibly going to be cheaper than just making a one-time investment and keeping it your self? Let’s count the ways: (1) You lose the hardware expense –a capital expenditure cost. (2) If that hardware fails, you are out in the cold. (3) Someone has to maintain that hardware. In house IT labor is expensive. (4) If you need more capacity, you have to ramp up at a tiered level, which means you may need to buy capacity you don’t presently need (5) All of that hardware runs on software, which costs money (6) All of that software needs to be installed, updated, etc. (see # 3) (7) All of that hardware and software has to run 24/7. Are you large enough to pay for in house monitoring and support 24/7? (See again #3) (8) All of that data has to be protected with security software, which…
How good is your password? Did you know that having a weak password is one of the biggest security risks you face? This blog focuses on the best practices related to passwords that you can follow to ensure passwords are not your weakest link. Avoid sequences and repetitions: How many times have you used passwords like dollar12345 or $$$BobMckinley. Passwords containing sequences and repetitions are just easier to hack.Avoid using your personal data: Do not make your birth date, bank account number or address a part of your password. It puts your data at stake if your personal information is stolen.Don’t repeat passwords: Make sure you pick unique passwords every time. Unique, not only verbatim, but also in combination. For example, if password one is a combination of number, symbols and letters in that sequence, password two should be letters, numbers and symbols.Manual password management is not a good idea: Invest in a good password management tool. You can even find some free ones on…
Ransomware emails: How to identify and steer clear of them Ransomware attacks have suddenly become more prevalent. Each year sees more of them. Hospitals, NPOs, shipping giants, etc., have all been victims of ransomware attacks. Your business could be too! Did you know that emails are one of the most common gateways for ransomware to get into your systems? In this blog, we tell you how you can stay safe by following a few tips. If you think something is amiss, it probably is Does that email seem unfamiliar? As though you weren’t meant to get it, or it doesn’t quite sound like your colleague wrote it? Perhaps it’s not. Malicious email senders often try to mask actual email IDs with something similar. For example: An email you believe to have come from firstname.lastname@example.org might actually be from email@example.com. So take a good look at the email ID if you spot something ‘phishy’. Attachments and form fills Does the email contain an attachment that you are being asked to save to your …