A tour of any modern small business will highlight how IT solutions are critical to business success. From email and communication systems to productivity applications, these tools do everything from reporting on financial data to organizing supply chain logistics.
And yet despite this reliance, IT security is often seen as an onerous requirement.
The problem with this stance is that small businesses are under attack. According to the 2017 Ponemon Institute Study, more than 61% of small and medium-sized businesses (SMBs) have fallen victim to hackers in the last 12 months. Smaller businesses are a lucrative target for cyber attacks, because most do not have the defenses in place to protect, detect or react to attacks.
So how can you build the best security to safeguard your organization, users and data?
The most important thing to remember is that small business security solutions need to be size-appropriate in terms of implementation and use - but they should not be any less effective than those for larger enterprises. The data is no less sensitive, the disruption no less serious.
To help achieve this, here are eight small business-friendly questions to ask when choosing your IT security solutions.
1. How much administration does it need?
Most small businesses do not have a sizable IT team. Security solutions with 'stickiness' tend to be simple to implement and intuitive to manage.
2. Is it automated?
Should your IT security solution detect an problem - for example, an action falling outside established restrictions - it should automatically take action before any damage is done. It can't wait until a human intervenes.
3. Is it intelligent?
Solutions that just offer information result in the need for constant monitoring, interpretation and guesswork. Choose intelligent solutions offering insights that can help spot and stop a breach.
4. Is it accurate?
Small businesses cannot afford the time and manpower to investigate false positives. A system which offers 50 'possible' alerts a day is worse than useless - as genuine issues are likely to be overlooked.
5. Is it cost-effective?
Security doesn't have to come at a high cost - but it does need to be effective in relation to its cost.
Think about all the possible impacts of a security breach in your business - from lost productivity while your systems are down to the manpower needed to recover damaged data or redo lost work, and even long-term reputational damage if your customers are affected.
6. Will implementing it be disruptive?
Solutions that work alongside existing infrastructure don't frustrate IT teams.
7. Will it be a burden to users?
If a security solution overwhelms and stifles productivity, users can't do their job and the solution is already dead on arrival.
Security should be behind the scenes, protecting users and the environment until the moment an action truly conflicts with security protocol.
8. Is it 'belt and braces'?
Look to add layers to your security strategy. Putting a layered defense in place maximizes your chances of stopping a threat before it starts.
Copyright 2018. Article made possible by site supporter François Amigorena, founder and CEO of IS Decisions, provider of infrastructure and security management software solutions. Read the whitepaper: The challenge to secure small and medium sized business